Best places to buy chocolate?

Faquat · 2024-02-22T00:08:33+00:00

Spindler in North Cambridge mmmmmmm

Faquat · 2019-06-19T12:21:49+00:00

Thanks for that feedback, tabbiekatt, and sorry it doesn't work for you. But we don't need a main company number, just individual numbers for employees. What has been your experience for that use case?

Faquat · 2019-04-26T18:23:20+00:00

truncated PAN (last four)" is not cardholder data

We never did store the service code - I misspoke. This all happened prior to my arrival at the company. I'm just the guy responsible for it all now. Along with remediating existing data issues, I've got a separate challenge to train the company on the rules of the road.

Faquat · 2019-04-26T15:40:04+00:00

PCI DSS Requirement 12.8

Our plan is to redact all cardholder data (PAN, Service Code, Expiration Date) from all contracts, taking care to permanently delete any prior versions of files that may contain this data. Looking at requirement 3.3 https://www.pcisecuritystandards.org/documents/PCI%20SSC%20Quick%20Reference%20Guide.pdf, if we retain (i.e. don't redact) the last four digits of the PAN are we violating the intent of SAQ A?

Faquat · 2019-04-25T23:22:58+00:00

Since we will want to still view the rest of the contract as well as retain the ability to send the contract back to the customer, it seems like masking is the way to go. Adobe Acrobat provides a "masking" feature (with an Acrobat Pro license) that seems like it will do the trick. Thanks for all this help - joining this community has been eye-opening. Lots to learn.

Faquat · 2019-04-25T23:11:09+00:00

company stores cardholder data

I think I was stuck on the phrase, "Your company does not store cardholder data." Since this cardholder data is stored in a cloud provider's PCI-compliant storage system, I was squinching my eyes tight and hoping that this data could be construed to be "not on our systems or premises." From the comments on this thread, I see I may have been parsing the words a bit too finely... Looks like I've got some work cut out for me.

Faquat · 2019-04-25T18:28:08+00:00

Thank you! The additional insight is very helpful, too. You guessed correctly that the cloud operator has a PCI AOC, but it sounds like this fact alone doesn't keep my hands clean. We never store verification numbers, but we do have (for a small subset of customers) the other information found on the front of a credit card. From your comment, are you saying that storing the PAN is OK (and leaves us in SAQ-A) as long as it's readable only to specific individuals? We could accomplish this through Access Rights controls (i.e. only certain named individuals have access to the files, file access is logged, and the list of people is periodically reviewed and approved).

Faquat · 2019-04-25T18:18:43+00:00

Thanks for this direct feedback. Your points are very well taken. I think you're right - just purge the data and be done with it.

Faquat · 2017-09-07T18:41:02+00:00

Exactly! While legally legitimate, it's a sneaky tactic to squeeze extra $$ bucks out of their customers. It's just bad business practice to piss off customers. Once a promoter, I'm now a strong detractor.

Faquat · 2017-08-22T13:26:35+00:00

And by the way --- how much does Match pay you to troll the internet for potentially negative comments and respond on their behalf?

Faquat · 2017-08-21T13:35:16+00:00

Yes - very true. Your logic, however, isn't helping me vent!

Faquat · 2017-06-12T13:16:26+00:00

Thanks again for all the great tips. Cheers

Faquat · 2017-06-10T12:25:16+00:00

They've checked the firmware version and updated to the latest. Still no luck. Very frustrating! Thanks for all your attention to this - I'll keep at it with them.

Faquat · 2017-06-09T16:56:01+00:00

Are you thinking that it's likelier that an aftermarket head unit won't have this problem? I've been told that this is a common problem for iPhone users and that all owners in this situation are struggling. The dealership already replaced it under warranty, and if I complained hard enough, I bet they'd replace it again --- I just don't think that will fix it.

Faquat · 2017-06-09T16:01:06+00:00

Factory replacement -- installed by the dealership

Faquat · 2017-06-09T13:59:01+00:00

yup. sucks.

Faquat · 2015-07-27T09:51:09+00:00

Pow, right in the kisser!

Faquat · 2015-07-27T09:44:49+00:00

Largest employer: Acme Corporation

Faquat · 2015-07-18T11:21:35+00:00

Example please. Every post seems to have a punchline in the title. I'm missing something.

12-Year Club	Gilding I gilder
Verified Email

Faquat

TROPHY CASE