[WEB SECURITY] Vulnerabilities at PCI DSS sites
Christian Heinrich
christian.heinrich at cmlh.id.au
Wed Dec 29 15:27:12 EST 2010
MustLive,
A number of vulnerabilities of 3-D Secure, i.e. Verified by VISA and
MasterCard SecureCode, have been presented by the University of
Cambridge:
1. http://www.lightbluetouchpaper.org/2010/01/26/how-online-card-security-fails/
2. http://www.lightbluetouchpaper.org/2010/01/29/why-is-3-d-secure-a-single-sign-on-system/
ASV of PCI DSS has also been criticised i.e. http://www.scanlesspci.com/.
--
Regards,
Christian Heinrich
http://www.linkedin.com/in/ChristianHeinrich
Mobile: +61 433 510 532 (AEST +10 GMT/UTC)
SkypeID: cmlh.id.au
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
To unsubscribe email websecurity-unsubscribe at webappsec.org and reply to
the confirmation email
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
More information about the websecurity
mailing list