Re: Fwd: [Dataloss] Network Solutions was PCI compliantbefore breach

[chris () blask org]

--- On Mon, 7/27/09, Larry Seltzer <larry () larryseltzer com> wrote:

> Do we know if they were saying that the merchant systems were compliant,
> or is it possible that they're talking (out of their ass)
> about their own commerce systems?
>
> Would an audit of Netsol necessarily extend to their hosted
> merchant systems?

Good question, don't know the answer.  At a guess I would think that they would sell a merchant storefront solution 
that handles the transactions - and therefore the liability - and that this would be part of their PCI infrastructure.

But I'm too lazy to investigate and find out if any of that is true.

-chris


      
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.