Tags Archivescrow

MasterCard’s Got Its Flippy-Floppies standard

The PCI DSS world was shocked yet again this week when MasterCard backed off its position from earlier this year, requiring Level 2 merchants to obtain validation from a QSA, and publicly are aligning its levels directly with Visa—including setting reciprocity with their levels.  The reason I put “publicly” in there is because the merchant operating regulations are NOT public for MasterCard like they are with Visa, but I understand that level reciprocity remains in those regulations even though they were removed from the public facing information. This is why merchants and service providers alike don’t take deadlines seriously.  Visa has (in the US anyway) at least tried (and mostly succeeded) to stick by their deadlines, though I’m not sure ...

Continue Reading

Clarification on MasterCard Level 2 Requirements standard

Javelin Strategy & Research posted an update to the new MasterCard Requirements. After speaking with John Verdeschi, Robert Vamosi pointed out an error in our initial analysis. After re-reading my material, I looked at one piece of information and made a leap (incorrectly) about the intent (see the final word here). John clarified that the intent is to use the next eighteen months as a transition period. Level 2 merchants should both submit a SAQ, and also have an On-Site assessment completed so they can submit a Report on Compliance by December 31, 2010. This means that Level 2 Merchants effectively have eighteen months to complete a readiness assessment, remediate, and validate compliance. Sorry for the confusion folks, and thank ...

Continue Reading

This is a unique website which will require a more modern browser to work!

Please upgrade today!