[Dataloss] CardSystems Settles FTC Charges
Chris Walsh
cwalsh at cwalsh.org
Thu Feb 23 22:30:52 EST 2006
Interesting that Pay By Touch (which now owns Cardsystems) says
(http://www.paybytouchpaymentsolutions.com/about.html) that they are
"VISA Cardholder Information Security Program (CISP) Compliant", but
VISA's list of CISP compliant service providers (http://usa.visa.com/
download/business/accepting_visa/ops_risk_management/
cisp_List_of_CISP_Compliant_Service_Providers.pdf), dated 2/1/2006,
includes neither CardSystems nor Pay By Touch.
The PCI Data Security Standard is one MasterCard and VISA require
adherence to, and it mandates on-site assessments for processors as
large as Cardsystems. I specifically remember Amex and Visa dropping
Cardsystems, but I do not have a similar memory for MasterCard.
Unfortunately, I cannot find a list of MasterCard's approved
processors, analogous to the VISA list above.
On Feb 23, 2006, at 8:17 PM, lyger wrote:
>
> In the case of CardSystems and their new companies, it might be
> because
> VISA is no longer doing business with them?
>
> http://attrition.org/errata/dataloss/cardsystems04.html
More information about the Dataloss
mailing list