Security News > 2009 > May > PCI: A Brand, Not a Security Standard
http://attrition.org/security/rants/pci/heartland01.html PCI: A Brand, Not a Security Standard Fri May 8 21:09:02 EDT 2009 security curmudgeon I am so fed up with this entire ordeal. As a customer who was twice affected by Heartland's security breach (two different cards through two institutions were re-issued because of the breach), I am disgusted with Visa and Heartland. PCI and its cheerleaders make me angry. Visa is a PCI fan because it transfers risk to their customers, and removes liability from Visa. It's in their best interest to maintain the integrity of PCI at any cost, even when that cost is violating their own integrity. How can anyone sit back and groan about this ordeal without getting mad? Visa, PCI and Heartland are as bad as Enron, as bad as the Wall Street thugs who tanked the economy, and are nothing more than wealthy criminals. I have asked Visa to comment on specific aspects of this. Attrition has had calls in to Heartland to comment on points of confusion and question. We sit here, unsatisifed, without answers and wondering why either can stay in a position of financial power. [...] http://attrition.org/security/rants/pci/heartland01.html -- LayerOne 2009, Information Security for the discerning professional. May 23-24 2009 @ The Anaheim Marriott in Anaheim, California Visit http://layerone.info for more information