INS has achieved compliance status by proving its ability to detect, identify and report vulnerabilities common to flawed web site architectures and configurations. These vulnerabilities, if not patched in actual merchant Web sites, could potentially lead to an unauthorized intrusion. By proactively identifying and providing the opportunity to remedy such vulnerabilities, SDP-compliant products offer a means for reducing risk of intrusion and data compromise. The SDP Compliance Testing program is an expansion of MasterCards Site Data Protection Program, a comprehensive, proactive and cost-effective set of global e-commerce and financial security services designed to help protect the Web sites of its member financial institutions, online merchants and other payment processors holding MasterCard account information. The Vendor Compliance Program requires a two-step process. The first step is to complete an online application form, which can be found at the SDP Web site. The application provides MasterCard with an overview of the applying organization, along with a detailed assertion by the security vendor that their solution is compliant with or exceeds the requirements set forth in the MasterCard Security Standard. After applying for compliance testing, the second step is for vendors to undergo a rigorous evaluation cycle that spans across a wide range of Web servers, firewalls, and operating systems -- an environment controlled and managed by MasterCard.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now