Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

8/28/2013
11:37 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

App Helps Secure Mobile Devices, Reports Security Status To Processor

SecurityMetrics MobileScan includes acquirer/ISO access to a Merchant Compliance Console

SALT LAKE CITY, Aug. 28, 2013 /PRNewswire/ -- Acquirers and ISOs now have a simple way to check merchants' mobile processing security: SecurityMetrics MobileScan, an app created for merchants to identify potential security threats and protect devices through scanning and remediation. Through a quick mobile vulnerability scan, the app inspects many issues known to cause mobile insecurity such as a lack of password polices, Wi-Fi weaknesses, unauthorized peripherals, and known operating system vulnerabilities that may allow cybercriminals access to a merchant's processing device.

(Logo: http://photos.prnewswire.com/prnh/20130125/MM48717LOGO)

SecurityMetrics MobileScan includes acquirer/ISO access to a Merchant Compliance Console that aggregates mobile device compliance results, tracks when vulnerability scans have run, and reports each merchant's mobile device scan status.

The app was built based on a foundation of Payment Card Industry (PCI) Data Security Standard (DSS) requirements in order to help mobile Point-of-Sale

(mPOS) merchants follow PCI mobile payment acceptance security best practices.

"Though convenient, mobile processing increases liability for both merchants and processing parties," said Wen Free, SecurityMetrics VP of Business Development.

"It's only a matter of time before hackers target insecure mobile devices for profitable payment card data."

SecurityMetrics MobileScan, powered by MokiMobility (mokimobility.com), is available today in both Android and iOS app stores. For more information on a MobileScan program for your merchants, or if you're interested in referral program opportunities, please call 801-995-6860.

About SecurityMetrics (www.securitymetrics.com) SecurityMetrics protects electronic commerce and payments leaders, global acquirers, and their retail customers from security breaches and data theft. The company is a leading provider and innovator in merchant data security, and as an Approved Scanning Vendor and Qualified Security Assessor, has helped over 1 million organizations manage PCI DSS compliance and/or secure their network infrastructure, data communication, and other information assets. Among other things, SecurityMetrics offers PCI audits, mobile device vulnerability scanning, penetration testing, and forensic analysis. Founded in October 2000, SecurityMetrics is a privately held company headquartered in Orem, Utah, USA.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.