Securely handling credit card transactions earns Blackboard kudos

Adam Shostack adam at homeport.org
Sat Jun 10 15:32:31 EDT 2006


Aren't these the same guys who sued a researcher to secure their
systems?

http://www.google.com/search?client=safari&rls=en&q=blackboard+billy+hoffman&ie=UTF-8&oe=UTF-8



On Sat, Jun 10, 2006 at 11:36:24AM -0600, Anne & Lynn Wheeler wrote:
| Securely handling credit card transactions earns Blackboard kudos
| http://www.contactlessnews.com/library/2006/06/08/securely-handling-credit-card-transactions-earns-blackboard-kudos/
| 
| ... from above
| 
| "These programs utilize the Payment Card Industry (PCI) data security 
| standard as the foundation to assess third-party processors," he added. 
| "This standard ensures that all third-party processes safely and 
| securely store, process, and transmit sensitive credit card data across 
| their network infrastructures. This is the second year that Blackboard 
| has achieved this milestone in the payment card industry."
| 
| ... snip ...
| 
| couple other refs
| http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html
| https://sdp.mastercardintl.com/
| 
| this can also somewhat be considered from the standpoint of my old 
| security proportional to risk posting
| http://www.garlic.com/~lynn/2001h.html#61
| 
| however, it can also be interpreted that "sensitive credit card data" is 
| represented by an infrastructure with naked and vulnerable transactions:
| http://www.garlic.com/~lynn/aadsm24.htm#5  New ISO standard aims to 
| ensure the security of financial transactions on the Internet
| 
| i.e. that when dealing with naked and vulnerable transactions then the 
| overall infrastructure requires extensive armoring (as countermeasure to 
| attacks on naked transactions that otherwise don't have any of their own 
| protection)
| 
| one might be tempted to draw an analogy with the bubble boy reference
| http://www.imdb.com/title/tt0074236/
| http://www.imdb.com/title/tt0258470/
| 
| about the countermeasures needed for a boy that was w/o his own immune 
| system to combat attacks.
| 
| ---------------------------------------------------------------------
| The Cryptography Mailing List
| Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list