Dara Security

Recent Articles

The PCI 3DS Core Security Standard

EMV® Three-Domain Secure (3-D Secure, or 3DS) is a messaging protocol that enables consumers to authenticate themselves with their card issuer when making card-not-present (CNP) e-commerce purchases. The additional security layer helps prevent unauthorized CNP transactions and protects the merchant from exposure to CNP fraud. The three domains consist of the merchant/acquirer domain, issuer domain, and the interoperability domain (for example, Payment Systems).

3DS Assessors are able to assess a service provider providing 3DS services against the PCI 3DS Core Security...

Read More

P2PE: A Valuable Tool for Merchants

Through Point-to-Point Encryption (P2PE), data is encrypted upon entry by a certified card terminal and continues to be encrypted until the data reaches a secure point of decryption outside of the merchant environment.  This secure point of decryption is a validated PCI P2PE solution provider.  Benefits of P2PE include making sensitive and protected data unreadable by unauthorized parties.  This data is devalued because it is unusable in its encrypted form.  Another benefit is that P2PE significantly simplifies PCI compliance.  The P2PE Self-Assessment...

Read More

IoT Devices: Convenience with a Risk

The Internet of Things has developed into a thriving industry estimated at $14 billion and poised for further growth.  Smart thermostats, voice-activated personal assistants, and other IoT devices are no longer novelty items found in homes of tech-savvy early adopters.  In fact, the IoT has gained more mainstream usage as people are enticed by the convenience these devices bring, and manufacturers continue to cast a wider net for consumers by making these devices more affordable. 

IoT usage has spread outside the home and is also growing in public arenas. ...

Read More