LOSS PREVENTION & SECURITY


PCI SURVEY REVEALS KNOWLEDGE GAPS


Updated findings of a recent survey examining visibility and awareness among UK retailers for the new Payment Card Industry Data Security Standard (PCI DSS) version 2.0 have highlighted a lack of knowledge of the regulations. LogLogic revealed last December that a majority (70.7%) of 58 UK retail IT directors surveyed were aware of the new version 2.0. But nearly 64% of retailers also admitted they were partially or completely unaware of its requirements.

Three months later, the IT data and log management software provider updated its survey results. But the findings were no more encouraging. All (100%) admitted their biggest compliance knowledge gaps were around the PCI DSS regulations themselves. A further half (50%) highlighted gaps in their knowledge of specific mandates. While twice as many respondents said they had more gaps with regulation knowledge than specific mandates, all respondents also indicated that e-commerce IT projects require the most PCI work. But they also said tokenisation (51%) and encryption (49%) were the two most popular new loss prevention technologies that they felt would help comply with PCI DSS 2.0.

Guy Churchward, LogLogic chief executive, said: “Retailers have come a long way since the introduction of PCI DSS back in 2004, in terms of attitudes and implementation, but there’s still a lot more to do. It’s not just a case of ‘achieving compliance,’ it’s a matter of completing the audits and staying on top of the requirements – it’s a long-term commitment to the business and to protecting customer data. The research clearly shows that retailers need to get up to speed with the new version pretty quickly - if they are to meet the increasingly regular audit requirements.”

Bill Roth, executive vice president at LogLogic, added: “The explosion of different payment types from Paypal, Billmelater and others means that it’s more important than ever to ensure that payments are safe and secure.”


RETAILERS WARNED ON EU COOKIE RULES


Data security experts and watchdogs are warning retailers and all companies operating online about looming European Union (EU) legislation, requiring consent to store or access information on consumers’ computers. The new rules are part of an amendment to the EU’s Privacy and Electronic Communications Directive designed to keep pace with the constant evolution of online fraud and will come into force on 25 May 2011.

At a recent conference hosted by the Information Commissioner’s Office (ICO), the Information Commissioner, Christopher Graham, said: “The directive will come into force in…and businesses and organisations running websites in the UK must wake up to the fact that this is happening.”

The cookie has been the main information carrier for most online retailers to identify customers’ shopping tastes, behaviour and preferences.

“One option being considered is to allow consent to the use of cookies to be given via browser settings,” he added. “But once the new regulations are published there will be a major job of education and guidance to be undertaken. In the meantime, both the business community and public sector organisations need to start thinking clearly about how they will meet the requirements.”

David Britton, 41st Parameter vice president of industry solutions, told Retail Technology that, until now, the use of tracking cookies has been fairly anonymous to the user. “We have to wait and see what the EU mandate specifies, but some organisations are already including consent sections in their terms and conditions. That is not enough, where it is seen as checkbox – this rule will require more emphatic and customer facing opt-in,” he said.

Britton added that it was unlikely the cookie was dead: “In the context of individual sessions, cookies will still exist. What we’re talking about here are persistent cookies. But retailers have to realise the impact on fraud prevention, as well as marketing, too.”

41st has secured a patent for Time Differential Linking (TDL), a feature that helps retailers and financial institutions fight online fraud and understand customer behaviour by providing more accurate device-based recognition without using cookie technologies.


MARCH/APRIL 2011 RETAIL TECHNOLOGY

