PCI Compliance Anyone?

swiftmoney

Sep 14, 2011
Hi.

I'm looking for someone who has experience with PCI Compliance procedures for a project that I have going. I basically need someone to bring our server and website up to standards.
PM me if you're interested and have experience in this area.


Cheers.
Mark.
 


It's a total joke, for the most part.

Answer the multiple choice question quiz, they do a quick port scan of your server, verify your SSL cert, and that's it. They don't actually verify that you're encrypting CC data, not storing CVV codes, etc. It's basically a money grab as far as I'm concerned.
 
^^ This.

When I was in merchant banking I found out quickly how ridiculous the whole process was. There are, however, certain types of certifications that are like an "insurance" in case of a breach, since the Visa/Mastercard fines are 10K minimum per breach if I recall correctly (ControlScan is the one we gave all merchants). The insurance pays that off in case of one, kind of like life insurance. But it depends on your merchant processing.

We were the merchant bank, whose money was actually being floated. I learned quickly, the banking system is more retarded than most. "Banking security" is just an illusion, it's just fucking cardboard held together by duct tape.

PCI Compliant, lol, you'd have to be literally retarded in order to NOT pass, that's how ridiculous it is.

I remember one scenario where a pizza store had default username and passwords on their wireless router, with customers able to jump on the wifi, and they said that shit was compliant. Dude got breached of course. Use cash whenever possible. Enough trips down memory lane...

Carry on...
 
^^ Exactly.

IIRC it cost me $150 every 3 months, so their automated script could do a quick port scan of my server, and let me know my card has been charged.

And I wasn't even compliant anyway. I was storing CVV codes, which you're not allowed to do.