Month: February 2016

Is PCI a Law?

With the requirements set up by the Payment Card Industry Data Security Standards (PCI DSS), a lot of businesses scratch their heads and ask whether PCI is a law. The answer to this question is short and simple: no, PCI compliance is not a law.

Will PCI Compliance be a Law in Future?

To make things clearer, let's go into detail on this topic. At the moment it is not a federal law, but some state laws are in effect (and others might take effect in the future) to implement the requirements of PCI DSS. The story does not end here: there is a big push from industry trade associations and legislatures to pass a federal law about breach and security notification.

Plastic Card Security Act

In 2007, the “Plastic Card Security Act” was established in Minnesota. It states that if a company is breached and it is later discovered that the company was storing prohibited PCI data such as CVV codes, magnetic stripe data, or track data, the company is required to repay banks and other individuals the costs linked with reissuing and blocking cards. Under this law such companies are open to private lawsuits. At the moment the law does not apply to Level 4 merchants (those carrying out less than 20,000 card transactions per year).

Following this, the state of Massachusetts announced that it would introduce a new law, 201 CMR 17.00. For example, the law states the need to limit the data collected, and also covers data encryption and written security policies. The law applies to any company storing or handling customer data based in Massachusetts. Enforcement was pushed back to 2010; it had been meant to take effect in 2009. Like all the previous laws, this law also does not apply to Level 4 merchants.

None of the laws described above says anything about being PCI compliant. More states are requiring customer notification when a data breach occurs, and as time goes on the definition of personal information will also include credit card numbers.

What are the Possibilities?

With all that said, is it possible that we will see a commitment to PCI compliance that specifically calls it out as a law? There is no guarantee, but it might be possible, as no one knows the future. Government takes time to get things done and PCI compliance is still evolving, so it will be quite difficult for legislatures to keep up with the pace of new technology changes being put forward by PCI.

It is possible, to a certain extent, that in the future more states will recognize credit card data as personal information and take strict action against companies that neglect proper security. In time there might also be direct financial incentives for companies with far stronger security postures.


How Much Do PCI Companies Charge?

There is much more to being PCI compliant than just filling in a PCI SAQ or passing a quarterly vulnerability scan. A business has to commit a lot of work and resources to make sure customer credit card data is secured.

A lot of businesses get confused when it comes to setting a budget for PCI compliance. Commonly the budget is so small that it becomes really difficult for IT departments and third parties to upgrade equipment and meet the latest security standards, which puts security at risk of being breached.

Dependence of Cost of PCI Compliance

The cost of PCI compliance depends on the number of transactions made per year. There are two types of businesses: those that process more than 6 million MasterCard or Visa transactions each year, and those that process less than 6 million MasterCard or Visa transactions per year.

Variables that affect the cost of PCI compliance

The cost you pay for your PCI audit depends on the setup of your organization. Below are some factors that affect the overall PCI compliance cost.

Type of Business:

Whether you are a service provider, a shop, or a franchise, each will have a different amount of cardholder data, a different environment structure, and a different set of requirements.

Size of Organization:

Normally, the bigger the organization, the more possible weaknesses it has in its systems, because it has more computers, cardholder data, departments, processes, programs, and staff members. More departments mean more protection and more security to provide, which ends up costing more.

Environment of Organization:

Mobile devices, the brand of computers, the kinds of firewalls, backend servers, and so on can all affect the PCI cost.

Dedicated PCI Staff of Organization:

Even with a highly dedicated team, organizations commonly need consulting or help from outsiders to meet PCI requirements.

PCI Fees:

A monthly non-compliance fee may be charged by your acquiring bank for not being PCI compliant. This varies from bank to bank and might go away if you give proof of being PCI compliant.

Pre pay acquirers:

Acquiring banks sometimes arrange with a PCI DSS vendor and pay for the PCI compliance of their merchants, but this happens rarely.

Cost of PCI Compliance

A small entity's cost of PCI DSS compliance should start from $300 per year, depending mostly on the environment. Various costs are considered:

· Self-Assessment Questionnaire: $50 to $200
· Vulnerability scanning: $100 to $150 per IP address
· Training and policy making: $70 per employee
· Remediation (software and hardware upgrades/updates etc.): varies according to the entity's current state of compliance and security, around $100 to $10,000

A large entity is required to get a PCI audit, which could cost from $70,000 per audit.

· Onsite audit: more than $40,000
· Penetration testing: more than $5,000
· Vulnerability scans: more than $800
· Training and policy making: more than $5,000
· Remediation (software and hardware upgrades/updates etc.): differs according to the entity's current state of compliance and security, and can be around $10,000 to $500,000


Camera Design Service Vendors Gearing Up for a New Phase With New Standards

Not many companies are well versed in camera designs and their tweaks, and hence few players are moving towards custom development of board cameras and smart vision sensors based on different processors. Also, with the advent of several cameras and camera architectures, companies now have a strong base on which to build new products.

Some companies can design cameras to customer requirements in short timelines too.

The Challenges

Companies usually face the challenge of meeting hardware and software design specifications of the camera.

High definition images might have to be captured at regular intervals, sometimes in a fraction of a second! Some companies now opt for drones that house several cameras, and then try to stitch and synchronise the images simultaneously, so that shots can be taken from all possible angles.

The core challenge here is also to reduce the camera size, since the product needs to be marketable and affordable.

For such a camera design, companies strike a balance between hardware design, PCB design, bootloader porting, and the effort spent on device driver modification, camera app development, and testing procedures.

The need for integrated camera solutions

Integrated camera solutions with a small, lightweight, and inexpensive 5 Megapixel camera with an adequate CMOS sensor are in great demand in the market. These solutions include the snapshot mode and the continuous mode at various resolutions. The MiniSD card works as local storage for such cameras.

The solution also includes an external trigger for camera synchronization, instinctive photo captures, and the like.

Such companies offer independent camera design offerings, including:

• Prototype development
• Complete board design and Mechanical design
• uBoot and Kernel changes
• Porting on new hardware
• Production support
• CMOS and CCD sensor integration
• Monochrome, Color, and near IR development
• Embedded processor development including FPGA and ARM processors
• Standard/ Custom mounting options
• Robust enclosures suitable for industrial camera use
• Integrated LED lighting

Types of Cameras for Different Applications

• 3 megapixel Cameras with color and monochrome sensors
• 2K Line Scan Camera compliant with DCAM standard
• VGA cameras with onboard DSP
• Line-scan sensor integrated with DSP
• A PTZ (Pan-Tilt-Zoom) High Definition 720p or 1080p 30fps conferencing camera with autofocus
• Linescan camera setup with onboard image processing

Custom cameras are developed to integrate the required sensor, optics, or mounts. These cameras also include an autofocus feature, a lighting setup, enclosure material based on the environment, ruggedness against shocks and vibrations, and adherence to several safety and regulatory compliances.

Benefits offered by integrated cameras and their design proposed by the best vendors

• Reduced time for development: The company's experience in designing imaging products and solutions is crucial and becomes the differentiating factor in faster execution of camera design and building.

• Reduced cost: The platform-based development model considerably reduces the cost of developing camera products. Nowadays offshore companies can lower the cost of development even further, especially if the products are developed from scratch.

• Application Support: Support at the application level is crucial, especially in the context of image processing algorithm development. Years of expertise and experience in imaging and image processing boil down to the efficiency rendered during support. Also, a company whose staff have previous system integration experience will relate to customer needs and pain points.

• Integrated Solutions: Companies who are certified for CE, FCC, and UL will always strive to get the prototype ready based on the design in terms of ingress, temperature, and other specifications.

A graduate in technology, Toya Peterson is an avid blogger who is always interested in the recent fads and trends related to wearables, IoT and embedded technologies. A mother of two, she aspires to be a photo-blogger soon and is honing her skills in photography. In her leisure time, she loves to go hiking with her friends.


Digital Publishing: A Better Way to Read Magazines and Newspapers

Reading magazines is one of the most common hobbies among women in the age demographic of 18-49. Magazines are the second-highest circulated publications of the publishing industry, with newspapers being the first. Traditionally, magazines were bought from newsstands located at the corner of every city street. However, with a change in trends and digitization influencing most industries, digital newsstands are the new thing that the industry has to offer.

What is a Digital Newsstand?

A digital newsstand is the latest product of the recent developments in digital magazine publishing software. Several distribution platforms offer content in the form of magazines, newspapers, and journals digitally, which can be accessed by anyone with a smartphone. These are mostly available on a subscription basis, but a large variety of free content is also available.

With the advent of tablets with 10-inch screens, much like a magazine cover, the publication houses began adapting to a digital format rather than regular print. These digital newsstands were an instant success as they offered a richer reading experience with several interactive systems which made newspapers, magazines and journals more interesting. Digital publications also reduced additional costs like printing and distribution that the publication house would have to bear.

Most publishers prefer digital distribution as it enables them to connect to a global market and sell internationally. However, digital publishing isn't an easy task to accomplish. It requires experts who can pay proper attention to fine detail, such as the design and interactive features of a digital publication, and who understand market trends for promotions and advertisements. With proper digital magazine publishing software, any publication house will find digital publishing and distribution to be extremely beneficial and a profitable investment.

The Many Benefits of Digital Publishing

Better scope for advertising – In regular print, advertisements do not connect well with subscribers as the content is non-interactive. In a digital publication, however, these advertisements can be enriched with interactive photos, live web links, videos, and animation, which engage the reader and make your advertising campaign a success. This attracts more sponsors than regular print editions do. The kind of sponsors you get also differs: with a greater variety of sponsors available at your doorstep, you will find it easier to publish digital editions.

Global distribution – Digital publications reach subscribers located all around the globe simultaneously, reducing the hassle of postage and delivery.

Customer data at your disposal – With digital distribution, it is easier to get readers' valuable insight and feedback, such as their likes and dislikes. This enables you to design better marketing campaigns with tailor-made offers that attract the customer to other subscriptions. You can also analyze the reading patterns of your audience and enhance the reader's reading experience with suggestions.

New Audience – With a global audience and more interactive digital content, it would be easier for a publication house to target a younger audience. This would generate better revenues as you're not just benefiting from your previous audience but also from your pre-existing members.

Build Your Brand as a Digital Publisher – With a digital publication application downloaded on the smartphones of the public, the publication can create its own brand and make the general public aware of it, which would make the publication more recognized among competitors.