Non-compliance fees; considering alternative approaches

Non-compliance fees are viewed by many as an acceptable short-term solution to a merchant’s unwillingness to engage with a compliance program. However, often despite the best efforts by acquirers, some merchants continue to remain disengaged. So when a merchant ignores notifications regarding their non-compliance status and the application of non-compliance fees, it may be […]

EU General Data Protection Regulation, what you need to know  

By Natasja Bolton, Senior Acquirer Support QSA

The General Data Protection Regulation, or GDPR for short, will affect the processing and movement of the personal data of the approximately 500 million citizens populating the EU Member States. The new legislation will apply across all EU Member States from 25th May 2018. Furthermore, the […]

State of Pay – have mobile payments reached a turning point?

By Natasja Bolton, Senior Acquirer Support QSA

In 2012, Mastercard published the results of their survey of the global mobile payments landscape in their Mastercard Mobile Payments Readiness Index. The survey recognised that while mobile payments adoption has dependencies on six major elements from infrastructure and financial services to regulation, the critical success factor for […]

New tools in the fight against ransomware

With ransomware showing no signs of disappearing soon, a central repository website entitled “No-More-Ransom” has been established to disrupt cybercriminal businesses with ransomware connections. Europol’s European Cybercrime Centre has teamed up with the National High Tech Crime Unit of the Netherlands’ police, and two cyber security companies to offer advice and troubleshooting services. A […]

MICROS Security Incident – steps to protect your customers

By Natasja Bolton, Senior Acquirer Support QSA

On August 8th, 2016 Oracle issued a letter informing their MICROS customers that malicious code had been detected in certain legacy systems and advising on the actions their customers should take. Oracle’s letter and subsequent FAQs did not give details of the root cause of the MICROS […]

Ask a QSA

‘Ask a QSA’ recently received the below question that we believe will be of interest to our readers. Seasoned QSA, Natasja Bolton answers.

Do fuel cards need to be included in PCI DSS compliance?

In my experience and my QSA colleagues here at Sysnet, we do not believe that there are card scheme branded […]

Timelines set for EU Directive on Network and Information Security

By Natasja Bolton, Senior Acquirer Support QSA

In our recent data breach article, we discussed the need for businesses to consider both their Payment Card Industry Data Security Standard (PCI DSS) and legal obligations when planning for security incidents and data breach reporting. In this article we discuss the recently published EU directive on Network […]

Enhancing your cyber defence through a physical security assessment

Physical Security Assessments can be viewed as a penetration test against the physical infrastructure of an organisation. Instead of the assessment of computer networks and services, buildings and physical locations are being assessed. During this type of assessment the overall physical security of the location of a building, the facilities and the access controls […]