Language Selection

English French German Italian Portuguese Spanish

Web shops face tighter security

Filed under
Security

From 30 June this year all web shops will have to comply with strict security standards drawn up by the world's big credit card companies.

Online shops will be certified annually and checked quarterly to ensure they maintain the security standards.

Websites which flout the rules could be banned from trading or left to soak up the costs of break-ins all by themselves.

The move to tighten up security at online shops happens as increasing numbers of firms report that customer data has been lost or stolen.

In February the Bank of America said it had lost more than 1.2 million customer records - though it said there was no evidence that the data had fallen into the hands of criminals.

More recently LexisNexis, ChoicePoint and HSBC have all revealed that data about customers has been lost to attack by criminal hackers.

It is estimated that this year alone more than 2 million customer records have gone missing or been stolen.

In an attempt to raise the baseline security practices of online merchants and payment processing firms, Mastercard, Visa, American Express, Diners, Discover, and JCB have drawn up standards that dictate what web shops must do to keep safe.

Before these standards were drawn up separate credit card firms and banks had their own different security compliance programs.

All web shops that process more than 20,000 transactions per year will have to comply with the PCI standards no matter where they are in the world. This means that tens of thousands of web shops will have to become compliant with the new rules.

The standards go as far as to dictate what length passwords must be, how often they must be changed and force firms to be very careful with credit card information and who gets access to it.

Full Story.

More in Tux Machines

That Peculiar Linux 3.18 Kernel Bug Might Be Closed Soon

For the past month there's been kernel developers investigating "a big unknown worry in a regression" that have left many key kernel developers -- including Linus Torvalds -- puzzled. It looks like that investigation is finally being close to being resolved. Read more

New Releases

Notifications Without User Interaction on Ubuntu Are Annoying

The Unity desktop environment has a simple and rather ineffective system notification mechanism and it looks like that's not going to change, not even with the arrival of Unity 8. Read more

Librem Linux Laptop Drops NVIDIA Graphics But Still Coming Up Short Of Goal

One of the oddest things I found about the crowd-funded Librem 15 laptop when writing about it last month was that it wanted to be open-source down to the component firmware/microcode yet they opted to ship with a NVIDIA GPU. In an updated earlier this month, at least they came to their senses and dropped the discrete NVIDIA GPU. While I have no problems recommending NVIDIA graphics for Linux gamers and those wanting the best performance, that's only when using the proprietary drivers, and certainly wouldn't recommend it for a fully open-source system -- NVIDIA on the desktop side doesn't do much for the open-source drivers, let alone down to the firmware/microcode level. Instead the Librem folks have opted to upgrade the design to using an Intel Core i7 4770HQ processor that features more powerful Intel Iris Pro 5200 Graphics, which isn't as powerful as a discrete NVIDIA GPU but at least is more open-source friendly. Read more