Posts Tagged ‘security’

Visa Inc. Sets Software Security Deadlines

July 16th, 2009 | Author: ulros

Use of Secure Payment Applications Required Across Visa Regions

San Francisco – July 14, 2009

Visa Inc. (NYSE: V) today announced global requirements for financial institutions to ensure their merchant customers and agents use secure payment applications that do not store prohibited data elements and adhere to the Payment Card Industry (PCI) Payment Application Data Security Standard (PA-DSS).

The PA-DSS is a global set of security requirements for software vendors who develop payment applications. PA-DSS compliant applications do not store prohibited data such as track data, sensitive authentication data, or PIN data, helping merchants and agents who use them mitigate compromises and support overall compliance with the Payment Card Industry Data Security Standard (PCI DSS).

In Asia Pacific (AP); Central and Eastern Europe, Middle East and Africa (CEMEA); and Latin America and the Caribbean (LAC), Visa acquirers must ensure that newly signed merchants use PA-DSS compliant applications by 1 July 2010. By 1 July 2012, those acquirers must ensure existing merchants and agents in the Visa network use PA-DSS compliant applications.

As previously communicated to U.S. and Canada financial institutions, Visa acquirers must ensure that all new and existing merchants and agents in the Visa network use PA-DSS compliant applications by 1 July 2010.

Visa research confirms that vulnerable payment applications are a major cause of compromise incidents, particularly among small merchants. “Criminals are targeting certain versions of software known to have security vulnerabilities,” said Eduardo Perez, head of global data security, Visa Inc. “It’s essential that every business that handles payment card information adhere to the highest data protection standards to protect the security and privacy of their customers’ financial information,” Perez said.

Visa recommends that merchants and agents ask their payment application vendors, resellers or system integrators to confirm that software versions used do not store magnetic-stripe, PIN data or security codes. “Merchants with vulnerable payment applications should move quickly to either patch or upgrade their systems,” Perez said.

A list of products that have been independently validated against Visa’s Payment Application Best Practices (PABP) or the PA-DSS can be found at www.pcisecuritystandards.org or www.visa.com/cisp.

About Visa

Visa operates the world’s largest retail electronic payments network providing processing services and payment product platforms. This includes consumer credit, debit, prepaid and commercial payments, which are offered under the Visa, Visa Electron, Interlink and PLUS brands. Visa enjoys unsurpassed acceptance around the world and Visa/PLUS is one of the world’s largest global ATM networks, offering cash access in local currency in more than 170 countries. For more information, visit www.corporate.visa.com.

Contacts:
Sandra Chu, Visa Inc.
Tel: +1 415 932 2564
E-mail: globalmedia@visa.com

Posted in CreditCard, Visa | Tags: , , , , , , , , | No Comments »

0090009918 – NCR CCD camera

June 26th, 2009 | Author: ulros

Hello all,

can anyone provide me with some detailed information about a CCD camera for a NCR ATM? The only thing I have is the part number ;-)

0090009918 – NCR CCD camera

Where to buy, what price…

Thank you in advane. To contact me please use the contact form.

Posted in Marketplace, NCR, atm security | Tags: , , , , , , | No Comments »

Security Alert: Malicious software (malware) found installed on compromised ATMs (Automated Teller Machines)

June 18th, 2009 | Author: ulros

Trustwave’s SpiderLabs performed the analysis of malicious software (malware) found
installed on compromised ATMs (Automated Teller Machines) in the Eastern European
region. This malware captures magnetic stripe data and PIN codes from the private memory
space of transaction-processing applications installed on a compromised ATM. The
compromised ATMs discussed in this briefing ran Microsoft’s Windows XP operating system.

The malware contains advanced management functionality allowing the attacker to fully
control the compromised ATM through a customized user interface built into the malware.
This interface is accessible by inserting controller cards into the ATM’s card reader.
SpiderLabs analysts do not believe the malware includes networking functionality that
would allow it to send harvested data to other, remote locations via the Internet. The
malware does, however, allow for the output of harvested card data via the ATM’s receipt
printer or by writing the data to an electronic storage device (possibly using the ATM’s card
reader). Analysts also discovered code indicating that the malware could eject the cash-
dispensing cassette.

What follows is a high-level summary of the key features identified during Trustwave’s in-
depth analysis of the malware sample. It is, however, believed that this is a relatively early
version of the malware and that subsequent versions have seen significant additions to its
functionality.
Read the rest of this entry »

Posted in Fraud, atm security | Tags: , , , , , , | No Comments »

Contact Us | Terms of Use | Trademarks | Privacy Statement
Copyright © 2009 cashotec.com. All Rights Reserved.

Designed by ulrosmarketing.