[attrition] rant: PCI: A Brand, Not a Security Standard
lyger
lyger at attrition.org
Sat May 9 03:19:50 UTC 2009
http://attrition.org/security/rants/pci/heartland01.html
Fri May 8 21:09:02 EDT 2009
security curmudgeon
I am so fed up with this entire ordeal. As a customer who was twice
affected by Heartland's security breach (two different cards through two
institutions were re-issued because of the breach), I am disgusted with
Visa and Heartland. PCI and its cheerleaders make me angry.
Visa is a PCI fan because it transfers risk to their customers, and
removes liability from Visa. It's in their best interest to maintain the
integrity of PCI at any cost, even when that cost is violating their own
integrity. How can anyone sit back and groan about this ordeal without
getting mad? Visa, PCI and Heartland are as bad as Enron, as bad as the
Wall Street thugs who tanked the economy, and are nothing more than
wealthy criminals.
I have asked Visa to comment on specific aspects of this. Attrition has
had calls in to Heartland to comment on points of confusion and question.
We sit here, unsatisifed, without answers and wondering why either can
stay in a position of financial power.
[..]
More information about the attrition
mailing list