The Payment Card Industry Security Standards Council recently introduced what it calls a Qualified Integrator Reseller credential for ISOs who set up transactions services for merchants, according to an article from the latest issue of ISO&Agent Weekly.
ISOs qualify for the credential after completing a six-hour online course and pass a 70-question, one-hour exam. The certification is valid for two years and the council even is going to list qualified credential holders on its site.
From ISO&Agent Weekly:
The council sees a need for the credential because Trustwave, a security vendor, reports that 63% of data breaches investigated in 2012 resulted from vulnerabilities introduced by a third party responsible for system support.
“Most of the problems are small and easily fixable,” PCI Council General Manager Bob Russo says of the glitches that allow criminals to hack into point of sale systems.
The most common miscues include failing to change the system’s default password or neglecting to keep remote access secure, he notes.
The Council found merchants, especially mom-and-pop operations, are not doing their due diligence when initially setting up transactions service. Russo notes those mom-and-pop stores often have a son or daughter with little computer science training install a point-of-sale system.
Click here to read more from ISO&Agent Weekly.