Dawn M. Turner (guest)

Dawn M. Turner is a professional author with a passion for technical regulations and standards, as well as for their relevance and impact on corporate operations and industry in general. Dawn has more than 10 years of IT industry experience in hardware, programming & systems & network engineering. Her educational background includes a Certificate in computer operations & programming, CompTIA and Microsoft certifications, including A+, MCSE and MCP, Associates degree with major in business & minor in computer science, Bachelors of Science degree with major in business forensics & minor in accounting and an MBA with concentrations in finance & economics.

Using 3D-Secure and Device Fingerprints for EMV Payments Against CNP Fraud

Credit cardholders are generally protected from liability if unauthorized transactions are made with their credit cards because of consumer protection laws and card policies. This leaves merchants and financial institutions on the hook for losses related to credit card fraud. According to an October 2016 Nilson Report, card issuers were burdened with 72 percent of fraudulent losses in 2015 while merchants were left with 28 percent of the losses.

Read more

Applying Cryptographic Security Services - a NIST summary

This article summarizes the basic cryptographic security services that can be used to protect information (or as a supporting protective mechanism) against attacks, as described in the NIST Special Publication 800-57 (1, rev.4) for Key Management.

Read more

Strong cryptography and key management requirements for EMV and PCI DSS compliance

EMV chips on payment cards contain cryptographic co-processors and dual interfaces that allow for contact and contactless payment options. When issuing an EMV card, the customer’s information is extracted from the bank or financial institution’s database.

Read more

W3C's suggestion for a Web Cryptography API

The World Wide Web Consortium or W3C as it is commonly known was founded in 1994 by the original architect of the World Wide Web, Tim Berners-Lee. It is a consortium of international companies that are involved with the Web and the Internet.

Read more

PAdES and Long Term archival (LTA)

Under the eIDAs Regulation, specifications for formatting advanced electronic signatures for PDF documents are set under PAdES. PAdES is the electronic signature design for PDF Advanced Electronic Signatures.

Read more

UBS launches qualified electronic signatures

The ZertES legislation (Swiss digital signature law) was placed into effect in Switzerland on December 19, 2003. The purpose of this legislation was to regulate the manner for which trust service providers could use certification services with electronic signatures.

Read more

Strong authentication for Governments through trust service providers - a European perspective

One of the greatest benefits of the digital age is the availability of being able to perform many different government processes online in a shorter amount of time versus having to depend upon the postal service or taking time out of a busy day to go stand in a line at a government office.

Read more

What is a secure signature creation device

As defined by Regulation (EU) No 910/2014 (eIDAS), which took effect on 1 July 2016, an electronic signature creation device is software or hardware that has been configured to generate an electronic signature. However, for such a device to be considered a secure signature creation device (SSCD), it must meet the specifications that are stipulated in Annex II of eIDAS

Read more

Understanding non-repudiation of origin and non-repudiation of emission

This article sheds light on the two approaches to achieve non-repudiation of an electronic message: non-repudiation of emission and non-repudiation of origin.

Read more