From: Philip Cox (phil.cox@systemexperts.com)
Date: Fri Nov 30 2007 - 02:35:26 EST
> For example, if you have a customer who insists on faxing
> full credit card info on their regular fax machine to a
> company that is utilizing a service that converts that fax to
> PDF and emails it to you?
Who is the "you" it emails to? What is the intent of the PDF? Does it have
the CVC2/CID/CVV2 on it?
>From a compliance standpoint, there could be some very interesting problems.
Phil
--------------------------------------------
SystemExperts Corporation
Philip C. Cox, CISSP, PCI QSA, CISM, NSA IAM/IEM
Author of Windows 2000 Security Handbook
http://www.systemexperts.com/win2k.html
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:14 EDT