[AusNOG] Security for CC details of new signups

Dobbins, Roland rdobbins at arbor.net
Tue Jul 6 10:09:43 EST 2010


On Jul 6, 2010, at 7:00 AM, Steve Skeevens wrote:

> Does this seem well-founded to you or am I just paranoid?


What they're doing is extremely risky, and it raises the interesting question of how said organization passed their PCI DSS audit (even though PCI DSS is remarkably lax in some areas and needlessly overspecific in others, one should think PCI auditors wouldn't countenance this sort of thing).

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

    Injustice is relatively easy to bear; what stings is justice.

                        -- H.L. Mencken






More information about the AusNOG mailing list