Maintaining-Your-Compliance-with-the-PCI-DSS-All-Year-Round
Articles, Blog

Maintaining Your Compliance with the PCI DSS – All Year Round

Compliance with the PCI DSS (Payment Card Industry Data Security Standard) is mandatory for all businesses accepting cards for payment. The Standard ensures appropriate security protocols are applied to your payment acceptance environment to protect against fraud.   In its simplest form, the process of achieving compliance involves a scoping (or profiling) stage, which determines […]

0 Shares
Addressing the growing risk from insecure third party remote access
Blog

Addressing the growing risk from insecure third party remote access

By Judith Clark, QSA Consultant In recent years, numerous security reports have identified an increasing trend for intrusions affecting Point of Sale (POS) environments to have involved insecure remote access from service providers and their networks.  As the ENISA points out, criminals are turning to network-based attacks against retailers’ POS infrastructure because attacks requiring physical […]

0 Shares
Articles, Blog, Uncategorised, Videos

Protecting card reading devices – 6 suggestions for your customers

Businesses that accept payment cards for goods or services are often targeted by criminals who will attempt to tamper or substitute their card reading device. Regular inspection of payment card terminals and PIN entry devices is one of the most effective ways that businesses can ensure that their devices are secure from tampering and substitution. In the […]

0 Shares
Why P2PE Solution Validation is not as hard as you may think
Articles, Blog

Why P2PE Solution Validation is not as hard as you may think

Natasja Bolton, Senior Acquirer Support, investigates   We previously wrote about the release of PCI P2PE Version 2 and its impact for acquirers and their merchants. In this follow-up article we explore an issue that has come to Sysnet’s attention: that many terminal solution providers and point-of-sale (POS) vendors appear to be actively avoiding P2PE […]

0 Shares
Merchant aggregators – A risky prospect?
Articles, Blog

Merchant aggregators – A risky prospect?

Over the past number of years the merchant aggregator model has become more and more popular to the point where it might even be considered commonplace. These enterprises that essentially bring together a fragmented marketplace, funnel and process multiple merchant transactions through a single account.   Well-known merchant aggregator brands such as Paypal, Checkout by […]

0 Shares
Blog, Client Resources

Malware POS Alert – AbaddonPOS and Cherry Picker

by Dr. Grigorios Fragkos, VP Cybersecurity Two new malware files have been identified targeting point-of-sale (POS) terminals called AbaddonPOS and Cherry Picker. The AbaddoPOS malware is delivered by the Angler Exploit Kit or through an infected Microsoft Office document. The malware targets the memory of all processes running on the infected system (excluding its own […]

0 Shares
Easier PCI compliance with PCI-validated P2PE Solution
Articles, Blog, Client Resources

Easier PCI compliance with PCI-validated P2PE Solution

by Jason McWhirr, IS Consultant Not surprisingly, most retailers are focussed on their customers and sales, using the tools that best facilitate that, not on security systems to protect cardholder data – despite the hazards that a data breach could present.   Sysnet’s contact centre and acquirer support teams help retail merchants with their annual […]

0 Shares
Blog

PCI P2PE Version 2, Its impact for acquirers and their merchants

by Jason McWhirr, Acquirer Support Consultant Back in June, the PCI Security Standards Council (PCI SSC) release version 2.0 of the Point to Point Encryption (P2PE) standard.   What is P2PE? A P2PE system in a retail environment is designed to securely encrypt cardholder data from a merchant’s POI (Point of Interaction) device or POS […]

0 Shares
PCI DSS v3.0 compliance: A closer look at Requirement 9.9 – Payment Terminal Protection
Articles, Blog, Whitepapers

PCI DSS v3.0 compliance: A closer look at Requirement 9.9 – Payment Terminal Protection

Though EMV Chip technology (chip and pin) has been effective in decreasing card fraud, criminals are increasingly using new methods to compromise data. From July 1st 2015, requirement 9.9 will be enforced by the Payment Card Industry Security Standards Council (PCI SSC).   This requirement will ensure that merchants have controls and countermeasures in place […]

0 Shares
Blog, Sysnet.air

Why PCI DSS compliance isn’t always about payments technology

by Paul Prior, Chief Product Officer Despite the fact that the PCI DSS has been around for more than a decade now and that version 3.0 has recently been published, there remains some confusion about what makes a merchant compliant. This is particularly evident in the Level 4 space, largely resulting from a general deficit […]

0 Shares
Brochures, Sysnet.air

Sysnet SpotSkim

SpotSkim is the industry’s only visual point-of-sale monitoring solution. It allows merchants to inventory, examine, and verify that their terminals and point-of-sale systems have not been modified or tampered with.   SpotSkim simplifies and automates the inspection process with familiar, user-friendly smart phone technology, making it easy for merchants to quickly perform this essential security activity and get […]

0 Shares