Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:PCI Compliance? (Score 1) 402

by joebp (#29351451) Attached to: What the DHS Knows About You
No, such companies can be and are PCI-DSS compliant as long as their declared PCI information security policy includes the transmission of payments data to the DHS (and there certainly is space for such things in PCI to meet regulatory requirements), that transfers to DHS are suitably cryptographically protected if over an public network, and as long as the company informs the DHS in their role as a PCI "third party" of their responsibility to also store payments data securely under the PCI. Of course, whether the DHS are *actually* following section 9 of the PCI-DSS by mailing the guy his payment data is very questionable.

core error - bus dumped

Working...