bloomberg on supermicro: sky is falling
Brian at ampr.org
Wed Oct 10 14:32:14 UTC 2018
On Wed, Oct 10, 2018 at 02:21:40PM +0000, Naslund, Steve wrote:
> For example, with tokenization there is no reason at all for any
> retailer to be storing your credit card data (card number, CVV, exp
> date) at all (let alone unencrypted) but it keeps happening over
> and over.
It's been a while since I've had to professionally worry about this,
but as I recall, compliance with PCI [Payment Card Industry] Data
Security Standards prohibit EVER storing the CVV. Companies which
do may find themselves banned from being able to process card
payments if they're found out (which is unlikely).
More information about the NANOG