ÿþ<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Ecentric Switch</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <style type="text/css"> <!-- body { background-image: url(../assets/bg.gif); margin-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; } --> </style> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } //--> </script> <link href="../assets/styles.css" rel="stylesheet" type="text/css"> </head> <body onLoad="MM_preloadImages('../assets/home_on.gif','../assets/about_on.gif','../assets/products_on.gif','../assets/clients_on.gif','../assets/partners_on.gif','../assets/flightdeck_on.gif','../assets/contact_on.gif','../assets/services_on.gif','../assets/news_on.gif','../assets/retailers_on.gif','../assets/financeinst_on.gif','../assets/itco_on.gif','../assets/localprogov_on.gif','../assets/postoffice_on.gif','../assets/utilityco_on.gif')"> <table width="787" border="0" cellspacing="0" cellpadding="0"> <tr> <td bgcolor="#FFFFFF"><img src="../assets/logo.gif" width="348" height="72"></td> <td bgcolor="#FFFFFF"><div align="right"><img src="../assets/microsoft.gif" width="178" height="72"></div></td> </tr> <tr> <td colspan="2"><a href="../index.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('home','','../assets/home_on.gif',1)"><img src="../assets/home_off.gif" name="home" width="87" height="17" border="0"></a><a href="about.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('about','','../assets/about_on.gif',1)"><img src="../assets/about_off.gif" name="about" width="87" height="17" border="0"></a><a href="products.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('products','','../assets/products_on.gif',1)"><img src="../assets/products_off.gif" name="products" width="87" height="17" border="0"></a><a href="services.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('services','','../assets/services_on.gif',1)"><img src="../assets/services_off.gif" name="services" width="87" height="17" border="0"></a><a href="clients.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('clients','','../assets/clients_on.gif',1)"><img src="../assets/clients_off.gif" name="clients" width="87" height="17" border="0"></a><a href="partners.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('partners','','../assets/partners_on.gif',1)"><img src="../assets/partners_off.gif" name="partners" width="87" height="17" border="0"></a><a href="news.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('news','','../assets/news_on.gif',1)"><img src="../assets/news_on.gif" name="news" width="87" height="17" border="0"></a><a href="flightdeck.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('flightdeck','','../assets/flightdeck_on.gif',1)"><img src="../assets/flightdeck_off.gif" name="flightdeck" width="87" height="17" border="0"></a><a href="contact.htm" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('contact','','../assets/contact_on.gif',1)"><img src="../assets/contact_off.gif" name="contact" width="85" height="17" border="0"></a><img src="../assets/greenbit.gif" width="6" height="17"></td> </tr> <tr> <td colspan="2"><img src="../assets/001.jpg" width="781" height="82"></td> </tr> <tr> <td colspan="2"> <table width="785" border="0" cellpadding="8" cellspacing="0" class="body"> <tr> <td width="113">&nbsp;</td> <td width="621" valign="top"><div align="justify"> <p><br> <br> <span class="header">3 May 2007<br> <br> </span> eCentric undertakes PCI DSS compliance journey <br> <br> The theft of consumer data has surfaced as a major issue today for merchants and customers in both the online and offline marketplace. The US Federal Trade Commission has estimated that more than 10 million Americans are victims of such crimes annually, costing individuals $5 billion and businesses $48 billion. <br> <br> Acquiring unsecured financial information is the primary objective of hackers and organized crime in order to fuel a thriving black market for stolen credit card numbers, bank accounts, passwords, personal identification numbers and other data. These attacks affect more than just the online retailers. Breaches occur on point-of-sale, back office, and wireless technology systems. <br> <br> Stolen personal data causes thousands of wasted hours of investigation and serious costs for those affected, from merchants to the victims of stolen identities. The cascade of problems for victims of these crimes can last for years as they try to recover their financial lives. <br> <br> To combat data theft, the <b>Payment Card Industry (PCI)</b> providers such as MasterCard, Visa, American Express and Discover have created a Data Security Standard that requires merchants, web-based retailers, and service providers that accept or process credit cards to comply with rigorous security directives. According to the standard, all members, merchants, and service providers that store or process credit cards must meet specific security requirements, which necessitate building a secure network and maintaining a vulnerability management program. To demonstrate compliance, merchants and service providers must provide security assessments and perform quarterly network scans to locate and fix vulnerabilities and reduce the risk of intrusion. Those organizations found not to be in compliance can face hefty penalties if data breaches are discovered. <br> <br> Acquiring unsecured financial information is the primary objective of hackers and organized crime in order to fuel a thriving black market for stolen credit card numbers, bank accounts, passwords, personal identification numbers and other data. These attacks affect more than just the online retailers. Breaches occur on point-of-sale, back office, and wireless technology systems. <br> <br> <b>PCI Data Security Structure</b> <br> <br> The Payment Card Industry differentiates between merchants and the credit card processor. The merchant is the business, either a physical store or internet website (or both), that accepts credit card payments in exchange for providing a good or service. The merchant is in the best position to protect sensitive personal information. The merchant is the first line of defence in terms of safeguarding consumer data. <br> <br> Next are the credit card processors, called the "acquiring bank" or "acquirer." Any merchant that processes credit card transactions must have a relationship with an acquiring bank (such as FNB, SBSA, etc) that does the actual work of processing the payment. When a merchant runs a credit card transaction, they communicate with the acquirer who confirms with the relevant acquiring bank that there is sufficient funds in his account and then authorizes the payment. The credit card associations have assigned the task of enforcing the implementation of the PCI requirements and monitoring merchant compliance to the acquiring banks. <br> <br> <b>What is the PCI Data Security Standard (PCI DSS)?</b> <br> <br> The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures associated with credit card account data. This comprehensive standard is intended to help organizations proactively protect customer credit card account data that is either stored, processed, or transmitted. All merchants, regardless of the annual transaction volume (merchant level assigned), are required by the various card brands (i.e., Visa, MasterCard, American Express, Discover, and JCB) to follow the standard. Merchants not adhering to the standard may be subject to substantial fines levied by the card associations. <br> <br> <b>What does PCI DSS certification entail for eCentric Switch?</b> <br> <br> eCentric Switch has completed it's pre-compliance review and is now engaged in the implementation of the processes and procedures necessary for accreditation. The initial process requires the compilation of an extensive set of information security policies and procedures. These have been compiled and are being evaluated by the company, whereafter they will be implemented to ensure that eCentric's processes meet the 6 high-level PCI DSS requirements as listed below: <ol> <li>Build and Maintain a Secure Network</li> <li>Protect Cardholder Data</li> <li>Maintain a Vulnerability Management Program</li> <li>Implement Strong Access Control Measures</li> <li>Regularly Monitor and Test Networks</li> <li>Maintain an Information Security Policy</li> </ol> eCentric's intention is to be fully accredited by 1st Quarter 2008. <br> <br> <a href="news.htm" class="link">Back to News</a> </p> </div></td> <td width="3">&nbsp;</td> </tr> </table></td></tr> </table> </body> </html>