Empathy List Archives

websecurity@lists.webappsec.org

The Web Security Mailing List

View all threads

Vulnerabilities at PCI DSS sites

Kristen Eisenberg

Thu, Oct 27, 2011 12:40 PM

only in Ukraine, but worldwide) isn't PCI DSS certified?

PCI DSS is intended for Merchants not EPS.

Don't Visa and MasterCard asking from EVERY company and bank (or at list
large ones) which work with cards to be PCI DSS compliant?

Banks are excluded i.e. PCI DSS is an agreement specified by the Bank
to the Merchant and not vice versa.

Does the company, owner of EPS, is deceiving people by not having PCI DSS
and putting "funky" Verified by VISA and MasterCard SecureCode logos?

Their intent is different.

Kristen Eisenberg
Billige Flüge
Marketing GmbH
Emanuelstr. 3,
10317 Berlin
Deutschland
Telefon: +49 (33)
5310967
Email:
utebachmeier at
gmail.com
Site:
http://flug.airego.de

Billige Flüge vergleichen

> only in Ukraine, but worldwide) isn't PCI DSS certified? PCI DSS is intended for Merchants not EPS. > 2. Don't Visa and MasterCard asking from EVERY company and bank (or at list > large ones) which work with cards to be PCI DSS compliant? Banks are excluded i.e. PCI DSS is an agreement specified by the Bank to the Merchant and not vice versa. > 3. Does the company, owner of EPS, is deceiving people by not having PCI DSS > and putting "funky" Verified by VISA and MasterCard SecureCode logos? Their intent is different. Kristen Eisenberg Billige Flüge Marketing GmbH Emanuelstr. 3, 10317 Berlin Deutschland Telefon: +49 (33) 5310967 Email: utebachmeier at gmail.com Site: http://flug.airego.de - Billige Flüge vergleichen

Lucian Corlan

Fri, Oct 28, 2011 5:57 AM

PCI DSS applies to all companies that process and store cardholders data,
including banks with in house processing.

Lucian Corlan
On 27 Oct 2011 19:31, "Kristen Eisenberg" kristen.eisenberg@yahoo.com
wrote:

only in Ukraine, but worldwide) isn't PCI DSS certified?

PCI DSS is intended for Merchants not EPS.

Don't Visa and MasterCard asking from EVERY company and bank (or at

list

large ones) which work with cards to be PCI DSS compliant?

Banks are excluded i.e. PCI DSS is an agreement specified by the Bank
to the Merchant and not vice versa.

Does the company, owner of EPS, is deceiving people by not having PCI

DSS

and putting "funky" Verified by VISA and MasterCard SecureCode logos?

Their intent is different.

Kristen Eisenberg
Billige Flüge
Marketing GmbH
Emanuelstr. 3,
10317 Berlin
Deutschland
Telefon: +49 (33)
5310967
Email:
utebachmeier at
gmail.com
Site:
http://flug.airego.de - Billige Flüge vergleichen

The Web Security Mailing List

WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss

Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA

WASC on Twitter
http://twitter.com/wascupdates

websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org

PCI DSS applies to all companies that process and store cardholders data, including banks with in house processing. Lucian Corlan On 27 Oct 2011 19:31, "Kristen Eisenberg" <kristen.eisenberg@yahoo.com> wrote: > > only in Ukraine, but worldwide) isn't PCI DSS certified? > > PCI DSS is intended for Merchants not EPS. > > > 2. Don't Visa and MasterCard asking from EVERY company and bank (or at > list > > large ones) which work with cards to be PCI DSS compliant? > > Banks are excluded i.e. PCI DSS is an agreement specified by the Bank > to the Merchant and not vice versa. > > > 3. Does the company, owner of EPS, is deceiving people by not having PCI > DSS > > and putting "funky" Verified by VISA and MasterCard SecureCode logos? > > Their intent is different. > > > Kristen Eisenberg > Billige Flüge > Marketing GmbH > Emanuelstr. 3, > 10317 Berlin > Deutschland > Telefon: +49 (33) > 5310967 > Email: > utebachmeier at > gmail.com > Site: > http://flug.airego.de - Billige Flüge vergleichen > > _______________________________________________ > The Web Security Mailing List > > WebSecurity RSS Feed > http://www.webappsec.org/rss/websecurity.rss > > Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA > > WASC on Twitter > http://twitter.com/wascupdates > > websecurity@lists.webappsec.org > http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org > >