Point of View

• Now’s The Time

  7/12/2010 12:49:00 PM

  Google “PCI compliance” or “payment security” and you’ll always find a long list of news stories, but media is picking up the pace, and there couldn’t be a better time to join the fight for tighter security and a common solution to the various – and constantly shifting – security standards.
  
  As Infosecurity Magazine reports, “PCI DSS hurdles loom,” and the industry is taking note. Every stakeholder in the payment process has an ear to the ground, working to keep up with the ever more complex and shifting set of rules and requirements.
  
  As these worldwide security threats grow and compliance standards evolve, the SPVA is working to stay one step ahead, working not to add another layer but to create a common understanding of existing and newly released standards. Our member-driven Technical Working Groups are constantly evaluating the latest information to keep stakeholders informed and one step ahead of what they are reading in the news.
  
  SPVA members represent all points along the payment continuum, from POS payment terminal vendors to software developers to acquirers and so many more. Before your company gets lost in the payment security news and looming regulations, join us and stay ahead of the game, ultimately keeping your clients and consumers safe from security compromise.
  
  Steven
  steven.hughes@spva.org

   

  Full story

  Comments (0)

  Steven Hughes

  Technical Working Groups membership PCI

• Interview With The Chairman

  6/17/2010 9:11:36 AM

  In case you missed our most recent newsletter, we wanted to share this interview with our new chairman, T.K. Cheung.

   

  SPVA Welcomes T.K. Cheung as new Chairman of the Board
  Hypercom’s vice president global quality & security takes the helm of the SPVA as the founding members rotate leadership positions heading into the organization’s second year. T.K. Cheung talks SPVA accomplishments and goals.

   

  What were the most important accomplishments of the SPVA in its inaugural year?
  I think our membership numbers (20) speak for themselves and not only the quantity of our members – but the quality. Our members represent the leading companies in the industry. In addition, the establishment of our Technical Working Groups and the work that is being shared is significant and stands to have a lasting impact on the industry, garnering widespread recognition of our organization.

   

  What is your vision for year two?
  I would like to continue to grow the organization and double our numbers this year. In addition, we look forward to the publication of more white papers from the other TWGs, that will be just as impactful as the recent End-to-End Encryption Security Requirements document.

   

  What do you see as the biggest challenges for the SPVA?
  Hands down, the adoption of SPVA guidelines and recommendations as well as attracting retailers and the card associations to join the SPVA is one of the biggest challenges. This will be a critical step for us as their input is valuable and will help shape our future.

   

  What are three things that are not generally known about you?
  I built my first computer from a kit in 1977. It was called a Nascom 1, and I still have it. My accent is English, not Australian, and I’m fluent in Cantonese.

   

  Current personal goal?

  To break 100 playing golf.

  Full story

  Comments (0)

  Steven Hughes

  Technical Working Groups end-to-end encryption white paper Hypercom Board of Directors

• From End to End – A Guideline is Born

  5/27/2010 9:59:31 AM

  After a year of collaboration and research from our End-to-End Encryption Technical Working Group, I am pleased to announce the release of SPVA’s first white paper, the End-to-End Encryption Security Requirements.

   

  This guideline represents SPVA’s commitment to strengthening global payment security standards and creating a common understanding of best practices. The insight and thoroughness with which this framework has been prepared is a testament to our members and to the Technical Working Groups.

   

  The End-to-End Encryption Security Requirements sets a baseline for the industry, and focuses on:

   

  • Data to be encrypted during transmission

  • Key management

  • Physical and logistical security of the TRSM and key components

  • Encryption monitoring and management systems requirements

  We invite you to download the End-to-End Encryption Security Requirements. We welcome your thoughts and feedback.

   

  If you are interested in contributing to our next white paper, membership in the SPVA allows you to join any of our four Technical Working Groups.

   

  Steven

  steven.hughes@spva.org

  Full story

  Comments (0)

  Steven Hughes

  Technical Working Groups end-to-end encryption white paper PCI

• Lights Up on the Lab Network

  4/21/2010 9:18:44 AM

  I don’t think I’ve given our Lab Network its due spotlight on the blog. No excuses since it’s a fantastic opportunity for labs and SPVA members alike.
  
  

  For anyone who doesn’t know what I’m referring to, the elevator pitch about SPVA’s Lab Network is this: It’s a group of participating labs that work with our members and Technical Working Groups on security evaluations and implementation guidelines. Ultimately, the Lab Network will work with its peers and with other members to share best practices and improve security throughout the POS industry.

   

  So what are the benefits? Here are five reasons why a lab would want to join:

   

  ·          Recognition throughout the industry as a qualified and effective lab, operating on the forefront of security

  ·          Access to SPVA’s Technical Working Groups and committee members representing leading payment companies

  ·          Ability to share best practices and navigate through challenges with PCI’s top players

  ·          Promotion through SPVA’s website, newsletter, press releases and social media channels

  ·          Permission to download and use the SPVA Lab Network logo

   

  And we’re not letting just anyone in. There are requirements to meet and applications to fill out. For more details about the details, I’m your guy. Email or call – or both!

   

  Steven

  steven.hughes@spva.org

  404-760-4223

   

  Full story

  Comments (0)

  Steven Hughes

  Technical Working Groups Lab Network

• Expanding Connections

  2/11/2010 2:35:32 PM

  The past two weeks have brought significant andexciting changes to the Secure POS Vendor Alliance.  When the SPVA launched less than ayear ago, the founding members – Hypercom, Ingenico and  VeriFone -always had the vision that the organization would not simply be a soapbox for the “big three,” but rather a more inclusive entity that provided a collaborative environment and a stronger voice for ensuring payments security. The 15 additional members that have joined the SPVA over the past eight months agreed, committing their time and resources in return for the value this organization could provide. With two recent developments, we’ve come even further in realizing our vision.

  Bob Carr, CEO of Heartland Payment Systems, was elected to the 2010 SPVA Board of Directors as our Associate Member Director.We are honored to have Bob take on this leadership position and feel there is currently no one better for this role. Bob expressed his commitment to 'bringing POS hardware and software vendors together for the good of all the stakeholders in the payments domain.” I look forward to working with Bob in continued support of our mission.

  In case you missed it, the SPVA also launched a new involvement opportunity – the Lab Network. Our Technical Working Groups have been working diligently in the development of implementation guidelines related to end-to-end encryption, payments lifecycle management protocols and other pressing industry needs. Members of theLab Network, including authorized QSA labs, will be given the opportunity to conduct security evaluations of our implementation guidelines and connect with our other members in sharing best practices and raising the security level within the POS industry.  

  So as you can see, we’ve been busy around here! We’re convinced that the strides we are making to expand our connections will help to further our goals. If you want to know more about what’s going on at SPVA, reach out to me at any time. 

  Full story

  Comments (0)

  Steven Hughes

  Ingenico Technical Working Groups end-to-end encryption Heartland Payment Systems PCI POS VeriFone Hypercom

2. 1
3. 2
4. Next page