On 04/01/2010 11:29 PM, Josh Luthman wrote: > No experience just thoughts. > > http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard >
This is a good overview. Also the spec is freely available in PDF form from the PCI website. > Would make sense to use a MT, put a nice firewall template (hence the > first requirement) and then the other generic things everyone should > do. The PCI standard is pretty prescriptive and covers good baseline security stuff. > I would have to guess BK doesn't store card information. > Processing security relies on the card processor, would it not? > The standard applies to data being stored and processed. You need to encrypt the link between you and the processor for example. I can go into more detail off list if required. -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
