The Logic Group Blog

I was recently browsing, when I came upon an interesting article.

 

It was discussing the Monty Hall problem.

 

For those of you who don’t know, this problem is based on a US quiz show and has caused a huge amount of debate at various times in the past. The idea is as follows.

 

A contestant is asked to look at three closed doors and told behind two of them is a goat and behind the other, there is a sports car. Choose the correct door, you get the car, choose incorrectly and you go home with an old goat. (Please add your own joke here)

I have just been reading the new guidance provided by the PCI SSC on Virtualisation. This document has been long anticipated, having been pre - announced at the PCI SSC User Forum back in October 2010.

 

The document includes advice for local virtualised servers and environments as well as advice for those merchants considering a wholesale switch to cloud computing in whatever flavour they believe beneficial. It covers a wide range of options and topics and the authors are to be congratulated on the output they have achieved.

Well looking at the latest news, Sony Corp. still remains in the spotlight. A new hacking group seem to have made Sony Corp. the focus of their current efforts. However I believe the most interesting incident from a security perspective is the attempted break in at Lockheed Martin and the recent announcement from RSA regarding the replacement of SecurID tokens.

This weekend I witnessed a major breakthrough in contactless payment acceptance. Having spent a lazy sunny afternoon in a beer garden, we asked to close our tab. I watched in disbelieve as the waiter started waving my debit card back and forth over the PIN Pad for a good minute, before inserting my card into the reader looking slightly disappointed. Having noticed my quizzical look, he went on to explain that their PIN pad accepts contactless, and he had been waiting for the day that someone went to pay with a contactless card! For me this was very encouraging – Contactless has migrated from focused busy London locations, all the way to a sleepy village pub 50 miles outside the capital! This waiter not only knew that the PIN Pad supported contactless, but also must have recognised the symbol on my payment card!

What a busy year we are having. Following the release and implementation of the Payment Card Industry (PCI) Data Security Standard (DSS) v2.0, the PCI Security Standards Council (SSC) have just released their new version of the PCI DSS Prioritised Risk Approach for PCI DSS v2.0.

 

Available from all good websites, this new document outlines the six milestones which make up the Prioritised Approach to PCI DSS. As many of you are aware; acquiring banks have been increasingly measuring their merchant progress to PCI DSS compliance by their achievement of the milestones, with Milestone 1 being assessed as the most important, covering areas such as cardholder flows, sensitive authentication data and cardholder data retention, down to Milestone 6.