I mentioned that I spent last Friday morning with card fraud and security experts. The conversation began with a wide view of what’s happening, and a focus upon PCI DSS Standard 2.0, which is yet to be published. The Payment Card Industry (PCI) Securities Standards Council (SSC) have developed new versions of the PCI Data…
Just spent most of today talking about PCI DSS compliance issues with QSAs focused upon E2EE. What? Yea, you heard me right. Delving into an area that I talk a lot about at higher levels usually, but rarely at these levels. Today, I was plumbing the depths of the Payment Cards Industry (PCI) Data Security…
I continue to be stunned by how Facebook and other social media allow me to see things in other people’s lives that should not be seen. For example, all of my friend’s friends photographs. This is a feature of Facebook I particularly dislike, and I’m not sure people are even aware of it, although the…
During the past week, the US Magazine Global Post published an amazing series of articles about the insider truth of being a private banker with UBS in Switzerland. The five article series charts the operations of one Bradley Birkenfeld – a Boston-born, high-flying, cross-border banker – at Switzerland’s premier financial institution, UBS. In this role,…
I’m intrigued by the number of discussions there are around identity. There have been several here recently, for example: Adventures in identity: are you paranoid or schizophrenic? If identities are unique, why do I have so many? Why identity management is so complicated And there are a number of blogs dedicated to identity management issues,…
Some years ago, I delivered a presentation as a keynote with the title: “All Bankers are Criminals”. I actually didn’t mean “all”. The chicken feed, battery farmed, commercial, transactional and retail bankers are pin-stripe suited, humble pie, nice guys. I was talking about the evil animals of Wall Street and the City. These jungle animals…
It fascinates me when we talk about ‘identity’ that we always seem to think of identity management as being a single thing … but it’s not. First, there’s the use of identity for identification; second for authentication; third, for verification; and fourth for fulfilment. Then there are the many instances of providing and proving identification:…
I know that many of you will have read the story already but, just in case, it is worth posting here for posterity and for the record. LONDON, ENGLAND, April 03, 2010 /24-7PressRelease/ — Gamestation has discovered that more than 88% of the British public do not read the terms and conditions of a website…
