Mastercard rolls out Blockchain API

Mastercard opens up access to its blockchain API platform for developers. Mastercard Blockchain facilitates new commerce opportunities for the digital transfer of value by allowing businesses and financial institutions to transact on a distributed ledger. The technology can power multiple use cases and can help take time, cost and risk out of financial flows. Here are some examples from the Mastercard website:

What if we buy from online stores that do not have the 3-D Secure protocol?

Every day e-commerce is growing by leaps and bounds, and virtual stores are no stranger to receiving chargebacks for fraudulent transactions that users are claiming for some kind of online fraud they have been exposed to. Therefore, it is necessary to consider what are the positive and negative factors that both banks and online businesses should consider when processing an online purchase transaction.

ATMs may be affected by WannaCry

There is a serious malware cyber threat called “WannaCry” that is impacting many organizations worldwide. This type of threat is known as ransomware. It will encrypt the files on your end-points running Microsoft operating system software, rendering them inaccessible. ATMs are at risk of this attack. Additionally, this malware attempts to infect other end-points on the same network. Manufacturers have taken steps to respond to this threat.

Security vulnerabilities on Intel AMT chips on ATM motherboards

Intel has disclosed a vulnerability within the firmware of its Active Management Technology (AMT) feature. Intel has advised that the vulnerability could allow an unprivileged network attacker to gain system privileges.
This vulnerability exists in first generation and later Intel Core processor family and Q-Series chip sets. NCR has used this technology in ATMs that were manufactured later than 2011. The PC cores in NCR ATMs shipped prior to 2011 do not have this vulnerability.

Pros & Cons of In-House Training

When sourcing training we always try to give our clients a selection of training options including Public Scheduled Courses, e-Learning and In-House training. The latter, we have begun to see a lot more of lately. However In-House training courses aren’t always the perfect solution for everyone. We have therefore decided to highlight the advantages, disadvantages and considerations of In-House training so you can know if it is the right path for you and your company.

Pros & Cons of eLearning

eLearning is has boomed over recent years to become a very popular method of learning. In the CIPD’s 2015 Learning and Talent Development Study, 74% of companies reported using some level of e-learning with 91% of companies reporting it to be very useful when combined with other methods and nearly ¾ of respondents saying it is essential for learning.

Pros & Cons of Scheduled Training

Here is a look at the advantages and disadvantages of public scheduled courses. Hopefully by reading them both you can get a good balanced view of the facts and apply them to your situation in order to make the best decision for you and your company.


PCI DSS requirement 9.9 - Card Reader (Point of Interaction - POI) Security - Guidance on this clearly ignored requirement

Since the 1st of July 2015 PCI DSS requirement 9.9 became a mandatory requirement for compliance. The requirement was added to the third revision of the DSS based on the global threat of Point-of-Interaction (POI) device tampering, substitution, and skimming.

LiquidNexxus presents guidance on ATM Malware at the (closed-door) Third Strategic Meeting on Payment Card Fraud (PCF) organised by EUROPOL, ASEANAPOL and INTERPOL in Bangkok.

On 13 and 14 December 2016, Europol’s European Cybercrime Centre (EC3), together with ASEANAPOL and INTERPOL, and with the support of the Romanian National Police and the Royal Thai Police, convened for the Third Strategic Meeting on Payment Card Fraud (PCF) in Bangkok Thailand. The event was hosted by the Electronic Transaction Development Agency (public organisation), and the Ministry of Digital Economy and Society.

Mainframe and Software Security

Banks spent about $188bn on IT last year and that figure is expected to grow at close to 5 per cent a year, taking it above $200bn by next year, according to Celent, the research company.

Latin American Forum on Payment System Security takes place in November

The ATM Security Association announces its support for the event

ATM Security Association welcomes LiquidNexxus as its latest Member

LiquidNexxus has joined the ATM Security Association as a member, the company will participate in the cross-industry collaboration within the association’s various working groups in order to contribute its expertise in ATM security and contribute to the development of global industry security standards and best practices.

PCI - Personnel Training Requirements, Resources & Delivery Methods

  • By admin
  • |
  • 2 years, 3 months ago
  • |
  • 0

Training requirements vary according to the level of involvement, responsibilities, and how critical each trainee is to the integrity of the cardholder data environment. In this section we define each trainee group, their responsibilities, and their impact on PCI compliance and system security. For each group we also outline support/resource, methods/channels, and periodicity (or frequency) requirements and recommendations. It is important to note that, beyond the previously highlighted PCI requirements, there are important knowledge gaps in particular at senior management and technical levels. If these are not addressed the organisation risks incurring costly delays, errors, omissions which would adversely affect achieving and maintaining PCI compliance

PCI DSS v3.1 Training Requirements Explained

  • By admin
  • |
  • 2 years, 3 months ago
  • |
  • 0

This article presents clarifies each PCI DSS Training requirement in relation to the target training group and how they are affected as well as the consequences (beyond non compliance) to the organisation.

Lucas Allen (CEO) to present at PCI SSC Europe Community Meeting on "Education and Awareness: A Key Component to Compliance and Security of CDE"

  • By admin
  • |
  • 2 years, 8 months ago
  • |
  • 0

Lucas Allen (CEO) to present at PCI SSC Europe Community Meeting (3 Nov - 5 Nov 2015, Nice, France)

Speech: Education and Awareness: A Key Component to Compliance and Security of CDE 
Presented by: Lucas Allen, CEO, LiquidNexxus
Date/Time: Thursday 5, November 13:00 -15:30

Liquidnexxus Partners with PCI Security Standards Council to Foster Improved Payment Data Security Worldwide

  • By admin
  • |
  • 3 years, 8 months ago
  • |
  • 0

 — As the first authorized PCI Global Training Network (PGTN) provider, LiquidNexxus will deliver PCI training and qualification courses to CEMEA Region —


Ten Charged In D.C. Area Identity Theft Ring

Ten individuals were charged in Alexandria for their alleged involvement in a large-scale identity theft ring operating in the Washington, D.C. metropolitan area since at least January 2012.

Bank customers hit by data theft slam "chicken feed" compensation

BARCLAYS Bank has come under fire after offering just £250 in compensation to customers whose confidential files were stolen and sold to rogue City traders. At least 2,000 of the bank’s customers were affected by the theft, which included details of their earnings, savings, health issues and insurance policies. It resulted in many customers being inundated with cold calls from unidentified brokers. Barclays says it has contacted all customers affected and provided compensation for “distress and inconvenience.” However, one customer described the compensation as “chicken feed”. According to national media, a number of customers have been given higher sums after complaining about the amount initially awarded. Are you one of the 2,000 Barclays customers affected by the data theft? Let us know by commenting on the story below.

Next Planned Sessions