Category Archives: PCI Compliance

Are your terminals and kiosks EMV-compliant?  Is your application PA-DSS certified?  Odds are against it. For PCI it’s easy to check just by going to the Validated Applications section on the PCI site. EMV introduces Level 1, Level 2 and then Level 3 certifications. Call them Mechanical, Firmware and Application.  There is also a listing of devices (emvco.com).

But I don’t want to do that. Let’s list out some of the "why nots": #1 It costs money. You’ll need a QSA, and that could be $75K easy (someone like Coalfire, etc.). #2 It takes time. Figure a year or a month, depending. #3 It is inconvenient. It’s unnecessary regulation given our environment. But it can come back to extract a heavy price in the future.

Interesting Links

POS PCI Audit - Pasco County

Payment Card Industry Audit. It is the intent of this solicitation to contract with a Professional Consultant to perform audits for payment card industry data security standards, as per specifications. SCOPE 1.1 The Information Technology Department is requesting services from a Professional Consultant (Consultant) to perform audits related to Payment Card Industry (PCI) Data Security Standards (DSS). GENERAL…