Schellman Becomes PCI Qualified PIN Assessor

July 9, 2019 Jacob Ansari

Schellman & Company, LLC has become a Qualified PIN Assessor (QPA) for the PCI PIN Security Program. PCI PIN, one of the subsidiary standards part of the PCI PIN Transaction Security (PTS) group of standards, covers the safeguards for protecting online and offline PIN transactions in attended and unattended point of sale or for automated teller machine scenarios. The new QPA program moves assessors under the PCI Security Standards Council’s remit from the payment card brands, although the standards, control objectives, and payment card brand direction remain largely the same.

The PIN Security Requirements complement Schellman’s existing PCI services, especially PCI DSS and PCI P2PE, and give clients who handle ATM processing or other PIN data flows the opportunity to consolidate their various audits under a single firm with deep expertise and rigorous quality standards.

About the Author

Jacob Ansari is a Senior Manager at Schellman & Company. Jacob performs and manages PCI DSS assessments. Additionally, Jacob oversees other Payment Card Industry assessment services, namely PA-DSS, P2PE, and 3DS. Jacob's career spans nearly 20 years of information security consulting and assessment services, including network and application security assessments, penetration testing, forensic examinations, security code review, and assessment of cryptographic systems. Jacob has performed payment card security compliance assessments since the payment card brands operated their own standards prior to the advent of PCI DSS.
More Content by Jacob Ansari

Return to Home

Welcome to our Hub

Schellman Becomes PCI Qualified PIN Assessor

About the Author

Previous Article

Next Article

Schellman Becomes PCI Qualified PIN Assessor

About the Author

Previous Article

Next Article

Most Recent Articles

Verizon has released its 2019 Payment Security Report (PSR). For the first time they have worked with other entities as contributors and Schellman was one of the first five entities who contributed.

Schellman has performed a third of FedRAMP assessed systems and is the #2 3PAO provider.

Security Boulevard reached out to a panel of DevSecOps pros to learn more about key considerations and best practices for building a DevSecOps pipeline.

When it comes to cybersecurity, it’s the things we don’t know that can be the scariest.

Though ransomware attacks aren’t a recent phenomenon, they seem to be increasing in frequency and intensity. If society has grown used to these kinds of cyberattacks, that’s about to change.

The 2019 PCI North America Community Meeting was held in beautiful Vancouver, British Columbia, Canada. The conference provided takeaways for PCI standards plus sneak peeks info PCI DSS v40.

The PCI SSC is preparing to issue a draft version of PCI DSS v4.0. It was apparent early in the presentation that the update to the PCI DSS is going to be the largest change since v3.0 in 2013.

Schellman Senior Manager Danny Manimbo profiled by This Way to CPA on how earning his CPA opened doors in the accounting field, and shares tips for students taking the CPA exam.

Security Boulevard recently published a list of valuable PCI DSS compliance tips which Schellman's team of QSAs reviewed and have offered insight and commentary on.

Learn how three young professionals have found success in their careers with the CPA credential.

Three leading smart speaker technology makers have suspended contractor review of consumer recordings following disclosures that the devices are nearly always listening and have captured interactions.

For those that were monitoring the wire, ISO 27001 was released the week of August 5th as an extension of ISO 27001 and 27002.

To protect their corporations against data breach from internal and external sources, CISOs have a tool that is effective at identifying breaches but some employees might find it intrusive: analytics.

Companies are applying natural language processing (NLP), sentiment analysis and machine learning to the financial sector, evaluating earnings calls and other public meetings to unearth information.

Marriott announced that the UK ICO communicated its intent to issue a fine of over $124 million for infringements of the GDPR in relation to the Starwood guest reservation database incident.

On Wednesday July 17th, I had the distinct honor of providing the assessor perspective at a FedRAMP hearing held by the Subcommittee on Government Operations—a subset of the House Oversight Committee.

Deciphering the conflicted angst of GRC There is no one-size-fits-all for GRC so companies need to take a hard look at their regulatory requirements, along with their corporate culture...

You’ve been bitten by the travel bug. But you don’t have to wait for your vacation days to kick in to travel the world; you can go global with your job instead. These companies are...

We are proud to announce that the HITRUST Alliance has appointed Schellman & Co. Principal Doug Kanney to the HITRUST CSF Assessor Council and Quality Subcommittee. Below is the...

(Article originally published on BloombergLaw.com)