Schellman Becomes PCI Qualified PIN Assessor

July 9, 2019 Jacob Ansari

Schellman & Company, LLC has become a Qualified PIN Assessor (QPA) for the PCI PIN Security Program. PCI PIN, one of the subsidiary standards part of the PCI PIN Transaction Security (PTS) group of standards, covers the safeguards for protecting online and offline PIN transactions in attended and unattended point of sale or for automated teller machine scenarios. The new QPA program moves assessors under the PCI Security Standards Council’s remit from the payment card brands, although the standards, control objectives, and payment card brand direction remain largely the same.

The PIN Security Requirements complement Schellman’s existing PCI services, especially PCI DSS and PCI P2PE, and give clients who handle ATM processing or other PIN data flows the opportunity to consolidate their various audits under a single firm with deep expertise and rigorous quality standards.

About the Author

Jacob Ansari is a Senior Manager at Schellman & Company. Jacob performs and manages PCI DSS assessments. Additionally, Jacob oversees other Payment Card Industry assessment services, namely PA-DSS, P2PE, and 3DS. Jacob's career spans nearly 20 years of information security consulting and assessment services, including network and application security assessments, penetration testing, forensic examinations, security code review, and assessment of cryptographic systems. Jacob has performed payment card security compliance assessments since the payment card brands operated their own standards prior to the advent of PCI DSS.
More Content by Jacob Ansari

Return to Home

Welcome to our Hub

Schellman Becomes PCI Qualified PIN Assessor

About the Author

Previous Article

Next Article

Schellman Becomes PCI Qualified PIN Assessor

About the Author

Previous Article

Next Article

Most Recent Articles

After 10 years of fully supporting Windows 7 Microsoft ended its official support for the out-of-date operating system. Consumers who have not upgraded to Windows 10 become part of attack vector.

It has never been easier to establish an online presence and having your domain is key. When managing DNS records users should stay up to date with regards to safeguarding their domain's reputation.

Many organizations provide Application Program Interfaces (APIs) to allow their clients and business partners to enter and retrieve data. We primarily see REST based APIs, but also GraphQL and SOAP.

Though ransomware attacks aren’t a recent phenomenon they do seem to be increasing in frequency and intensity. If society has grown used to these kinds of cyberattacks that’s about to change.

To differentiate what is marketing jargon from what CISOs can do with AI-enhanced products, security leaders were interviewed to find out which products embedded with AI deliver on their promises.

My name is Hiren Desai and I’m a senior associate with Schellman. I’m happy where I have landed in life and credit profound experiences in my past that have paved the way to my fulfillment today.

Verizon has released its 2019 Payment Security Report (PSR). For the first time they have worked with other entities as contributors and Schellman was one of the first five entities who contributed.

This has been the most rewarding and engaging work and continues to be my dream job, and yet, the transition from full-stack web application developer to penetration tester was daunting.

US DoD has been working to revise funding procurement procedures DFARS. Most important are regulations which mandate that defense contractors meet NIST SP 800-171 standard that deals with CUI.

APEC, GDPR, and State Law all have their benefits when it comes to Privacy Compliance.

Schellman has performed a third of FedRAMP assessed systems and is the #2 3PAO provider.

Security Boulevard reached out to a panel of DevSecOps pros to learn more about key considerations and best practices for building a DevSecOps pipeline.

When it comes to cybersecurity, it’s the things we don’t know that can be the scariest.

Though ransomware attacks aren’t a recent phenomenon, they seem to be increasing in frequency and intensity. If society has grown used to these kinds of cyberattacks, that’s about to change.

The 2019 PCI North America Community Meeting was held in beautiful Vancouver, British Columbia, Canada. The conference provided takeaways for PCI standards plus sneak peeks info PCI DSS v40.

The PCI SSC is preparing to issue a draft version of PCI DSS v4.0. It was apparent early in the presentation that the update to the PCI DSS is going to be the largest change since v3.0 in 2013.

Schellman Senior Manager Danny Manimbo profiled by This Way to CPA on how earning his CPA opened doors in the accounting field, and shares tips for students taking the CPA exam.

Security Boulevard recently published a list of valuable PCI DSS compliance tips which Schellman's team of QSAs reviewed and have offered insight and commentary on.

Learn how three young professionals have found success in their careers with the CPA credential.

Three leading smart speaker technology makers have suspended contractor review of consumer recordings following disclosures that the devices are nearly always listening and have captured interactions.