Home | Member Login | Contact | Blog
 

Point of View


Twitter Logo

Linked In Logo

RSS Feed Logo

Tags

Display as : cloud | list

Go Back

  • Interview With The Chairman

    6/17/2010 9:11:36 AM

    In case you missed our most recent newsletter, we wanted to share this interview with our new chairman, T.K. Cheung.

     

    SPVA Welcomes T.K. Cheung as new Chairman of the Board
    Hypercom’s vice president global quality & security takes the helm of the SPVA as the founding members rotate leadership positions heading into the organization’s second year. T.K. Cheung talks SPVA accomplishments and goals.

     

    What were the most important accomplishments of the SPVA in its inaugural year?
    I think our membership numbers (20) speak for themselves and not only the quantity of our members – but the quality. Our members represent the leading companies in the industry. In addition, the establishment of our Technical Working Groups and the work that is being shared is significant and stands to have a lasting impact on the industry, garnering widespread recognition of our organization.

     

    What is your vision for year two?
    I would like to continue to grow the organization and double our numbers this year. In addition, we look forward to the publication of more white papers from the other TWGs, that will be just as impactful as the recent End-to-End Encryption Security Requirements document.

     

    What do you see as the biggest challenges for the SPVA?
    Hands down, the adoption of SPVA guidelines and recommendations as well as attracting retailers and the card associations to join the SPVA is one of the biggest challenges. This will be a critical step for us as their input is valuable and will help shape our future.

     

    What are three things that are not generally known about you?
    I built my first computer from a kit in 1977. It was called a Nascom 1, and I still have it. My accent is English, not Australian, and I’m fluent in Cantonese.

     

    Current personal goal?

    To break 100 playing golf.

    Full story

    Comments (0)

    Steven Hughes

    Technical Working Groups end-to-end encryption white paper Hypercom Board of Directors

  • From End to End – A Guideline is Born

    5/27/2010 9:59:31 AM

    After a year of collaboration and research from our End-to-End Encryption Technical Working Group, I am pleased to announce the release of SPVA’s first white paper, the End-to-End Encryption Security Requirements.

     

    This guideline represents SPVA’s commitment to strengthening global payment security standards and creating a common understanding of best practices. The insight and thoroughness with which this framework has been prepared is a testament to our members and to the Technical Working Groups.

     

    The End-to-End Encryption Security Requirements sets a baseline for the industry, and focuses on:

     

    • Data to be encrypted during transmission

    • Key management

    • Physical and logistical security of the TRSM and key components

    • Encryption monitoring and management systems requirements

    We invite you to download the End-to-End Encryption Security Requirements. We welcome your thoughts and feedback.

     

    If you are interested in contributing to our next white paper, membership in the SPVA allows you to join any of our four Technical Working Groups.

     

    Steven

    steven.hughes@spva.org

    Full story

    Comments (0)

    Steven Hughes

    Technical Working Groups end-to-end encryption white paper PCI

  • Expanding Connections

    2/11/2010 2:35:32 PM

    The past two weeks have brought significant andexciting changes to the Secure POS Vendor Alliance.  When the SPVA launched less than ayear ago, the founding members – Hypercom, Ingenico and  VeriFone -always had the vision that the organization would not simply be a soapbox for the “big three,” but rather a more inclusive entity that provided a collaborative environment and a stronger voice for ensuring payments security. The 15 additional members that have joined the SPVA over the past eight months agreed, committing their time and resources in return for the value this organization could provide. With two recent developments, we’ve come even further in realizing our vision.

    Bob Carr, CEO of Heartland Payment Systems, was elected to the 2010 SPVA Board of Directors as our Associate Member Director.We are honored to have Bob take on this leadership position and feel there is currently no one better for this role. Bob expressed his commitment to 'bringing POS hardware and software vendors together for the good of all the stakeholders in the payments domain.” I look forward to working with Bob in continued support of our mission.

    In case you missed it, the SPVA also launched a new involvement opportunity – the Lab Network. Our Technical Working Groups have been working diligently in the development of implementation guidelines related to end-to-end encryption, payments lifecycle management protocols and other pressing industry needs. Members of theLab Network, including authorized QSA labs, will be given the opportunity to conduct security evaluations of our implementation guidelines and connect with our other members in sharing best practices and raising the security level within the POS industry.  

    So as you can see, we’ve been busy around here! We’re convinced that the strides we are making to expand our connections will help to further our goals. If you want to know more about what’s going on at SPVA, reach out to me at any time. 

    Full story

    Comments (0)

    Steven Hughes

    Ingenico Technical Working Groups end-to-end encryption Heartland Payment Systems PCI POS VeriFone Hypercom

  • Five Good Reasons

    12/28/2009 10:31:52 AM

    As we head (or sprint) toward the finish line that will bring an end to 2009, 2010 promises to be an even more exciting year in the payment processing world. The rapidly-changing mobile marketplace, increasing scrutiny of payment standards, and continuing economic uncertainty are sure to play a role in our industry in the coming year. As you look ahead at ways to grow your business, might I suggest putting “join SPVA” at the top of the list?

     

    Here are my top five reasons you should join:

     

    1)       Work with leading POS vendors to enrich and develop security guidelines

     

    2)       Acquire first-hand knowledge of current security threats and ways to mitigate them

     

    3)       Cultivate a common interpretation of existing security standards and public collective implementation guidelines

     

    4)       Develop end-to-end lifecycle security guidelines

     

    5)       Create industry encryption framework of cardholder data

     

    I hope you’ll take the opportunity to contact me for more details on what the SPVA is bringing to the industry and what we can bring to your business.

     

    I look forward to talking to you.

    Full story

    Comments (0)

    Steven Hughes

    end-to-end encryption membership POS

  • Bonjour de Paris!

    11/23/2009 3:12:28 PM

    Hot on the heels of CARTES & IDentification 2009, SPVA members gathered last week for the first official members meeting. Joined by the SPVA board and myself, more than 20 representatives from leading payment industry companies assembled to discuss where SPVA has gone in its short existence and where it is headed. 

    So why SPVA and why now

    You don’t have to look much further than the recent data breaches (Radisson Hotels & Resorts, TJX Companies, Network Solutions, etc.) to know that payment security is not where it needs to be. What better way to contribute to the understanding and compliance of existing security standards than to utilize the knowledge of some of the biggest players in the industry. Ingenico, Hypercom and VeriFone are opening the door for an industry-wide meeting of the minds. 

    With the creation of four Technical Working Groups, SPVA members have the opportunity to affect the future of PCI compliance. One representative from each member company is allowed to sit on a TWG committee. The four TWGs address distinct and critical areas of payment security:  

    • Security Standards
    • Payment Device Lifecycle
    • Threat Analysis and Intelligence
    • End-to-End Encryption

    One important note is that SPVA does not endorse any one solution over another. Its impartiality allows that any and all retailers, acquirers, POS vendors/supplies and card brands are welcome to join the conversation and share best practices. 

    Our TWGs are already in action, and we anticipate the release of an end-to-end encryption implementation guideline in early 2010. Stay tuned for details because we’re not wasting any time getting moving or making our mark on the industry.

     

     

     

     

     

     

     

     

     

     

    Full story

    Comments (0)

    Steven Hughes

    Technical Working Groups end-to-end encryption membership PCI POS CARTES




Sitemap | Privacy Policy | Legal © 2009 Secure POS Vender Alliance. All Rights Reserved.