maravis.com

Heartland Payment Systems has settled with Visa and will pay upto $60 million. This will cover the losses incurred by issuers of Visa cards due to the breach at Heartland in 2008.

PCI-DSS 1.2 discourages the use of MD5, in favor of the newer and better SHA1 algorithm. But I keep getting questions on whether use of MD5 is a security threat or whether it will impact PCI compliance.

I just read an article in SC Magazine that says that some vendors are calling for a logo that can be displayed by PCI compliant companies. The idea is that being compliant can be used as a marketing tool and that a lot of companies are not able to communicate the impact of being compliant properly. If they had a logo on their website, people will know right away.