We are currently building a PCI DSS Level 1 Compliant platform that will run only one application server on Elastic Beanstalk (Linux AMI). The Elastic ...
For example, if credit card has the following attributes: First Name Last Name Credit Card Number CVV Expiration Is tokenizing just the ...
Security guides (PCI-DSS, NIST, www.ncsc.gov.uk, french ANSSI ..) state that TLSv1.2 only should be allowed, and that TLSv1.0 TLSv1.1 should be desact ...
Azue Front Door supports TLS versions 1.0, 1.1 and 1.2. Currently removing TLS versions 1.0, 1.1 from Azure Front Door is not supported. PCI standar ...
Here is the Google Cloud Platform: Customer Responsibility Matrix. This document basically goes through all of the PCI DSS requirements and explains w ...
Setup: Mobile uses Stripe to get credit card token. Mobile sends token to Server 1. Server 1 gets credit card details using the token. Insta ...
I created customer in Stripe with Elements. Now I need to check if customer exists in my web app (with axios request). As far as I know the only way t ...
I’m securing my Google Cloud SQL Instance to be PCI DSS compliant, but when I’m scanning the server I get a critical warning over port 3307 saying tha ...
We have built a web application platform considering the Firebase as the centre of the technology and at this point when we need to submit the PCI DSS ...
We are working on a project its nature is somewhat ride sharing , I read about PCI Compliance i know we have to be PCI Compliance if we are dealing wi ...
We want to integrate a 3rd party service, regarding payments, their API waiting PAN & expiration date, and we need to determinate what PCI level d ...
I'm having an issue with RDP failing the PCI-DSS scan (port 3389) due to the default self-signed cert that Microsoft Server (2012 R2) generates when R ...
I am working on Masterpass QR integration which is a scan to pay feature where there will be a user and a merchant.Can anybody let me know the steps o ...
I have a server and a client application which runs in a web browser. I know it is better to make client do the request directly to the payment proce ...
I am using Let'sEncrypt's Certificates. In an attempt to stay compliant w/ PCI DSS standards, I disabled support for the Triple DES (3DES) cipher in t ...
I am working on web application where I will have to receive credit card details but only so that I can pass those details to configured payment proce ...
I have a JS front-end that communicates with the back-end via REST API and I need to process credit cards. I do not want to get into the full PCI DSS ...
So here are my goals: Decrypt a byte[] into a pinned byte[] buffer. I don't want the plain-text to exist anywhere else in memory, outside of thi ...
In trying to disable TLS 1.0, there are KitKat devices needing access to my API. I have tried overriding the default socket factory without success. I ...
I noticed recently that Amazon got API Gateway and Lambda PCI-DSS certified. I would be interested to know what that does imply regarding the isolated ...