The National Institute of Standards and Technology (NIST) and Carnegie Mellon University have partnered with 23 other organizations in order to make credit card transactions safer for consumers. Most recently, the group has developed and published a new credit card security standard, the Common Vulnerability Scoring System (CVSS) Version 2.
If a hacker can find a vulnerability in any part of this system, he can potentially gain access to the the server where the data is housed, providing the opportunity for the hacker to steal sensitive financial information.
With CVSS Version 2, each of the potential risks is rated on a scale from zero to ten. The scale is meant to assess how confidentiality, availability, and integrity are each potentially compromised by the system. In order to assess their vulnerabilities, vendors use special software that scans the entire system. The PCI Security Standards Council maintains the compliance program, which is referred to as the Approved Scanning Vendor (ASV).
As of June 2008, the ASV scanners are all required to utilize CVSS Version 2 when scanning for vulnerabilities.
Related Posts:
- Indiana Announces Security Breach to State Website - It seems TJX isn't the only place experiencing breaches in their computer security. Indiana residents now need to be concerned about having...
- State Park Reservation Security System Breach - For those of you that have recently made camping reservations with a state park, you might want to check on your credit...
- PCI DSS Credit Card Data Security Extends To The Cloud - Payment Card Industry Data Security Standard (PCI DSS) was originally created exclusively to protect credit card data. But PCI DSS can be...
- New Card Design Offers Heightened Security - An innovative new credit card creation has been introduced to the world: a card that contains a small monitor as well as...