Just because your Payment Processor has PCI Level 1, doesn't mean you can ignore cross-site scripting. If you handle money, you process credit cards. (It’s pretty hard to email cash.) To prevent fraud, the card industry has created the PCI data security standard (DSS). Processing cards? Follow the specific guidance in PCI and you’ll be safe, right?
Recent events have shown that payments have been subject to sustained attack, demonstrating that PCI DSS compliance is a necessary component, but it is not adequate protection when taken in isolation.
from DZone.com Feed https://ift.tt/2DLdQn8
No comments:
Post a Comment