Visa Europe has lunched security guidelines to ensure trust in mobile acceptance solutions. Practices are issued for e-customers, e-commerce services management and software and hardware providers.
One of the main points lunched by organization is about encryption and tokens technologies use as on-line payments standards. It enabled a growing number of small and medium size companies to start on-line business. According to Visa this technologies have already proven to be suitable to different retail and payment processing environments.
Best practices for vendors and merchants by Visa Europe:
1. Implement secure mobile payment acceptance solutions:
- provide applications with a know chain of trust,
- develop applications based on secure coding guidelines,
- protect encryption keys and use it in accordance to standards.
2. Limit exposure of mobile payment:
- encrypt all public transmission of account data,
- protect account data and payment card by trusted applications,
- provide the ability to truncate Primary Account Number,
- protect stored data to authenticate.
3. Transfer data:
- only use solutions intended by known providers,
- install software only from trusted sources,
- protect customers from malware,
- immediately report the loss or theft device or accessory.
The practices are one of security channel intended by Visa. Before the customers adhere to the principles set forth in the Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standards (PA-DSS).
It all help retailers, consumers and financial institutions to expect the same standards for mobile acceptance solutions. Moreover it is a way to fast and easy recognize e-commerce service with trusted payment system.
See the original article here.
Sectigo, formerly known as Comodo CA, is entering the next phase of its transition: it’s replacing Comodo CA roots with USERTrust roots on January 14, 2019. Why it happens and what it will mean to Sectigo customers?
General Data Protection Regulation (GDPR) is a 99-article regulation meant to protect the private data of Europeans in IT systems. Announced in 2016, covers a broad variety of topics and will go into effect as a requirement on May 25, 2018. GDPR applies to any company doing business in Europe even if it is located elsewhere.
In November this year we wrote about the need to replace SSL certificates issued by Symantec Group. Find out the dates when you need to re-issue your certificates.