Securely handling credit card transactions earns Blackboard kudos
Adam Shostack
adam at homeport.org
Sat Jun 10 15:32:31 EDT 2006
Aren't these the same guys who sued a researcher to secure their
systems?
http://www.google.com/search?client=safari&rls=en&q=blackboard+billy+hoffman&ie=UTF-8&oe=UTF-8
On Sat, Jun 10, 2006 at 11:36:24AM -0600, Anne & Lynn Wheeler wrote:
| Securely handling credit card transactions earns Blackboard kudos
| http://www.contactlessnews.com/library/2006/06/08/securely-handling-credit-card-transactions-earns-blackboard-kudos/
|
| ... from above
|
| "These programs utilize the Payment Card Industry (PCI) data security
| standard as the foundation to assess third-party processors," he added.
| "This standard ensures that all third-party processes safely and
| securely store, process, and transmit sensitive credit card data across
| their network infrastructures. This is the second year that Blackboard
| has achieved this milestone in the payment card industry."
|
| ... snip ...
|
| couple other refs
| http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html
| https://sdp.mastercardintl.com/
|
| this can also somewhat be considered from the standpoint of my old
| security proportional to risk posting
| http://www.garlic.com/~lynn/2001h.html#61
|
| however, it can also be interpreted that "sensitive credit card data" is
| represented by an infrastructure with naked and vulnerable transactions:
| http://www.garlic.com/~lynn/aadsm24.htm#5 New ISO standard aims to
| ensure the security of financial transactions on the Internet
|
| i.e. that when dealing with naked and vulnerable transactions then the
| overall infrastructure requires extensive armoring (as countermeasure to
| attacks on naked transactions that otherwise don't have any of their own
| protection)
|
| one might be tempted to draw an analogy with the bubble boy reference
| http://www.imdb.com/title/tt0074236/
| http://www.imdb.com/title/tt0258470/
|
| about the countermeasures needed for a boy that was w/o his own immune
| system to combat attacks.
|
| ---------------------------------------------------------------------
| The Cryptography Mailing List
| Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list