Schellman & Company, LLC has become a Qualified PIN Assessor (QPA) for the PCI PIN Security Program. PCI PIN, one of the subsidiary standards part of the PCI PIN Transaction Security (PTS) group of standards, covers the safeguards for protecting online and offline PIN transactions in attended and unattended point of sale or for automated teller machine scenarios. The new QPA program moves assessors under the PCI Security Standards Council’s remit from the payment card brands, although the standards, control objectives, and payment card brand direction remain largely the same.
The PIN Security Requirements complement Schellman’s existing PCI services, especially PCI DSS and PCI P2PE, and give clients who handle ATM processing or other PIN data flows the opportunity to consolidate their various audits under a single firm with deep expertise and rigorous quality standards.
About the Author
Jacob Ansari is the Security Advocate at Schellman, where he leads the firm's security best practices advocacy. Jacob develops and leads educational efforts on security practices, emerging and extant threats, and related industry developments for both internal and external audiences, and regularly represents the firm as an experienced security practitioner, security officer, and industry expert on technical information security matters and leadership in the space. Jacob has also acted as the CISO for the firm and has an extensive history in a client facing role as the technical lead for Schellman’s PCI services. Additionally, Jacob has experience with other Payment Card Industry assessment services, namely Software Security Framework, PA-DSS, P2PE, 3DS, and PIN. Jacob has extensive technical expertise on matters of information security, compliance, application security, and cryptography, and has been performing payment card security assessments since the card brands operated the predecessor standards to PCI DSS. Over the 20 years of his career, Jacob has spoken extensively on security-related matters, trained and mentored assessors, and contributed to groups on emerging standards, advisory bodies, and special interest groups.
More Content by Jacob Ansari