Posts Tagged: mobile

Payment Cards are Dead. Long Live Payment Cards.

PCI DSS compliance logo credit cards

Any payment technology analyst will tell you that the payments market has exploded over the last few years. An explosion sounds great, but it also suggest fragmentation. Which is another way of saying that the customer has a confusing array of choices. Not that confusion is anything new. Everyone has, at some point, fumbled through a stack… Read more »

5 Constraints To Security Innovation

“We now have a massive security industry, and hacking and data loss is a bigger issue than ever before”   The great thing about the information security field is that it constantly re-invents itself, or at least it tries to. In truth, real innovation is rare, and recyling is common. Developments in information security are… Read more »

Mastercard Best Practices for Mobile POS Acceptance

Mastercard has released “Mastercard Best Practices for Mobile Point of Sale Acceptance”. If you’re a POS solution developer, you’ll be interested in this document as it provides guidance on how to develop your solution, and if you’re a merchant, it provides you with guidance on the kinds of features your intended mobile POS implementation should… Read more »

New: Mobile Payment Acceptance Guidelines

Fresh from the PCI SSC – Mobile Payment Acceptance Guidelines. These are guidelines on payment acceptance using smartphone apps, and will be interesting reading to many of our readers. Download from here. Useful links: https://www.ambersail.com/what-is-sequel-injection/ https://www.ambersail.com/pci-dss-penetration-test-policy/ https://www.ambersail.com/blocking-your-penetration-tester/ https://www.ambersail.com/gdpr-now-the-dust-has-settled/

Apple iOS Security Guide

Apple has (somewhat quietly) published a guide to iOS security. If you’re building apps on the iOS platform then this document will certainly be of interest to you. For example there are details of the platform’s data protection and encryption mechanisms. Download the PDF from here. Useful links: https://www.ambersail.com/what-is-sequel-injection/  

Which Applications Are Eligible for PA DSS?

If you can answer “yes” to any of the following questions, then your application is not eligible for validation under PA DSS  Is this a beta version of the application? Does the application handle cardholder data, but the application itself does not facilitate authorization or settlement? Does the application facilitate authorization or settlement, but has… Read more »