About
|
Many of you have recently been added to our Compliance, Security and GRC NewsLetter mailing list. This is informational news comprising the latest on Compliance related topics and other IT Security & Governance updates that we will be providing to all of you periodically. If you have a good article to share for future editions , please email to contact@controlcase.com
|
ControlCase at PCI CEMEA, Cairo
|
ControlCase is a strategic sponsor of PCI Cairo, an event which would address card security in North Africa, West Africa and Levant. The event is scheduled for the 1st of December, 2008, in Cairo, Egypt. ControlCase will be at the event, presenting on PCI gap analysis for banks. ControlCase at PCI CairoTo know more about 'PCI Cairo', please click here.Interested participants can register themselves for the event using a code provided to ControlCase as a promotional offer for clients of ControlCase "controlc08pcic", which would make them eligible for a 20% discount. For any queries please feel free to contact ControlCase on contact@controlcase.com. |
VISA updates on annual registration fee and listing
|
 The Registry Of Service Providers, a listing of service providers that provide payment related services to VISA client banks and merchants has released its updated program guide.
VISA would require some providers to pay an annual registration fee in some cases, in order to be listed on their registry.[More]
|
| FTC "Red Flag" Regulation |
 The Federal Trade Commission (FTC) had enacted a less known regulation under the Fair and Accurate Credit Transactions (FACT) Act of 2003 which had a deadline for compliance of Nov 1 2008. This regulation also referred to as the Red Flag requirement was intended to detect and flag any cases of Identity Theft and was intended to be for "financial institutions" and "creditors" with "covered accounts". This definition is broad enough to cover ALL entities that extend credit for payments.
According to the FTC - "A creditor is any entity that regularly extends, renews, or continues credit; any entity that regularly arranges for the extension, renewal, or continuation of credit; or any assignee of an original creditor who is involved in the decision to extend, renew, or continue credit. Accepting credit cards as a form of payment does not in and of itself make an entity a creditor. Creditors include finance companies, automobile dealers, mortgage brokers, utility companies, and telecommunications companies. Where non-profit and government entities defer payment for goods or services, they, too, are to be considered creditors. Most creditors, except for those regulated by the Federal bank regulatory agencies and the NCUA, come under the jurisdiction of the FTC."
This definition is broad enough to cover most entities.
The deadline has now been extended to May 1, 2009.
Please check the details of the regulation here and validate if you need to be in compliance
Read more about this by clicking here |
PCI DSS 1.2 in effect
|
 The PCI Security Standards Council (PCI SSC) has announced the general availability of version 1.2 of PCI DSS. This latest version is effective immediately, and version 1.1 of the standard will sunset on the 31st of December, 2008. However, PCI audits for all clients that are certified or are in the process of certification using version 1.1 will continue to be valid.
[More]
To know more about the new version of the standard, and to download any supporting documents, click here.
| |
 |
|
