Virtual Terminals
'Virtual terminals' is a phrase that describes access from a workstation to a hosted service for card processing functionality. This might include access to a third party payment service provider that is delivered through some form of web browsing connection.
|
|
||
|
||
|
|
||
|
In environments where users browse to a 3rd party payment processor, they are still required to key data in to the site to facilitate card payments. Although the user does not store or process the card data, they are responsible for transmitting it. It is possible that a keylogger (or equivalent) could be installed on their workstation which is then used in turn to harvest card data. Although the risk of such an attack might result in a smaller exposure than a database of card data being compromised, it does still pose a level of risk to a merchant. In January 2010 the PCI Security Council announced that they will give Virtual Terminal access special consideration over the following months. Merchants can expect further clarification around this topic throughout 2010 and 2011. To find out more about how Nettitude can help you with your Compliance requirements, please complete our contact form, and a Consultant will respond to your enquiry. |
|
|
- PCI DSS Scope
- Workstation Coverage
- Call Centres / Call Recording
- Payment Service Providers
- Virtual Terminals
