Andrew Savala lays out the differences between EMV compliance which regulates Chip & Pin versus PCI which is the ultimate umbrella.
Andrew Savala lays out the differences between EMV compliance which regulates Chip & Pin versus PCI which is the ultimate umbrella.
The next webinar in the Section 508 Best Practices Webinar Series will take place September 27 from 1:00 to 2:30 (ET) and will cover accessibility to electronic and information technology, assistive technologies, and reasonable accommodations. Presenters will explain each of these approaches to making covered technologies usable by people with disabilities and the relationship and differences between them. For more details or to register for this free webinar, visit www.accessibilityonline.org. Registration closes 24 hours before the start of the session.
The Section 508 Best Practices Webinar Series provides helpful information and best practices for federal agencies in meeting their obligations under Section 508 of the Rehabilitation Act which ensures access to electronic and information technology in the federal sector. This webinar series is made available by the Accessibility Community of Practice of the CIO Council in partnership with the U.S. Access Board.
Section 508 Best Practices: Introduction to the three A’s: Accessibility, Assistive Technology and Accommodation
September 27, 2016, 1:00- 2:30 (ET) Add to Calendar
• Alexander Koudry, MS, ATP, PMP, RET; Director, Center for Information Technology Access, General Services Administration
• Timothy P. Creagan, Senior Accessibility Specialist, U.S. Access Board (moderator)
Note: Registration closes 24 hours before the start of the session. Instructions for accessing the webinar on the day of the session will be sent via email to registered individuals in advance of the session. Communication Access Realtime Translation (CART) and Video Sign Language Interpreters are available for each session and will be broadcast via the webinar platform. A telephone option (not toll-free) for receiving audio is also available.
The address is the latest by the Democratic nominee aimed at lifting the rhetoric in a nasty race against Republican Donald Trump.
The U.S. Secret Service is warning banks and ATM owners about a new technological advance in cash machine skimming known as “periscope skimming,” which involves a specialized skimming probe that connects directly to the ATM’s internal circuit board to steal card data.Click here to edit the content
According to a non-public alert released to bank industry sources by a financial crimes task force in Connecticut, this is thought to be the first time periscope skimming devices have been detected in the United States.
The task force warned that the devices may have the capability to remain powered within the ATM for up to 14 days and can store up to 32,000 card numbers before exhausting the skimmer’s battery strength and data storage capacity.
There are no reports that the data set has been successfully sold yet.
68 million of those that signed up prior to 2012 and haven’t changed their password are affected. Lot of people.
The good news? Hacks are limited for now. The bad news? Hackers will get better.
Olea Kiosks has extensive experience building exceptional ADA-compliant kiosks. Find out more about our standard and custom ADA-compliant kiosks.
Well written and complete. Recommended!
Title III of the Americans with Disabilities Act (ADA) gives rights of equal access to places of public accommodation. For people who are Deaf or…
Businesses, lawmakers, and advocacy organizations say what new group does is an abuse of the system, a form of extortion, and harming the disability community.
There are those that abuse the system
Chip cards, also known as EMV cards, are getting faster at the register, but mobile payments like Apple Pay are the real answer, Joanna Stern says.
New York City’s public Wi-Fi kiosks aren’t sufficiently accessible to blind people, according to claims made in a lawsuit filed Thursday by attorneys representing advocates for the disabled.
The kiosks include Braille labels next to a 911 button and a headphone jack. The kiosk’s touch-screen tablet is also at a level so that those in a wheelchair are able to use it, according to a CityBridge spokesman.
Mindy Jacobsen, a 65-year-old Brooklyn resident, is one of three blind residents suing the city. Last week, Ms. Jacobsen, who teaches technology courses in Manhattan, said she plugged her headphones into a kiosk on Eighth Avenue, hoping to use it for directions. But the maps feature was on the touch screen, which Ms. Jacobsen couldn’t use.
A 911 call can only be placed when an on-screen prompt is pressed.
Most people know that the Americans with Disabilities Act requires many institutions, including governments, to install curb cuts, wheelchair ramps and handicapped parking spaces. Approved by Congress in 1990 and updated in 2010, the ADA aims to provide equal access to those with a wide range of disabilities. Under the ADA, every municipality is required to have a compliance officer responsible for staying current with regulations and handling requests and complaints from disabled residents. Tony Phillips, Ridgefield’s director of social services, doubles as ADA compliance officer, a common arrangement in smaller towns. “It’s really unfortunate that it took an act of Congress to force municipalities to be inclusive and allow people with physical challenges into their business and civic activities,” Knickerbocker said. Ridgefield also plans to add wheelchair-friendly walkways from the high school to the visitors’ bleachers at a nearby athletic field — an amenity that wasn’t considered when the bleachers were designed and installed. The town is also buying a special cart for the town-owned golf course that raises handicapped players to a standing position so they can swing a club.
The university has signed an agreement with the U.S. Department of Health and Human Services to pay $2.7 million and carry out a three-year corrective plan over two breaches in 2013 that involved more than 7,000 patients.
From HISTALK – Oregon Health & Science University will pay $2.7 million to settle charges stemming from two 2013 data breaches involving 7,000 patients, one the theft of a surgeon’s unencrypted laptop from his vacation home and the other caused by medical residents who stored patient information in cloud-based Google Docs. That’s a big penalty considering there’s no proof anyone actually saw or used the patient information.
The U.S. Access Board recently convened for its July meeting. On July 11 and 12, Board members met in committee to advance agency rulemaking, review agency programs and operations, and attend presentations on various subjects. They also held meetings with several organizations as part of an agency outreach initiative. At the full meeting of the Board on July 13, which was streamed live, members received reports on these activities and a new member to the Board was sworn in.
New Board Member
|Shelley Siegel, FASID (right) with Access Board Chair Sue Swenson|
Board members welcomed Shelley Siegel, FASID of Lake Worth, Florida to their ranks. Siegel, who was appointed to the Board by President Obama in May, was sworn in by Board Chair Sue Swenson. Siegel is the founder and president of Universal Design and Education Network, an interior design firm that specializes in universal design in residential and commercial projects. She has also been consulting designer of the Siegel Design Group, Inc. since 1972 and is a Fellow of the American Society of Interior Designers (ASID) and a member of the Design Alliance for Accessible Sustainable Environments.
The Board is taking steps to conclude rulemaking in several areas, including new or updated accessibility guidelines and standards for information and communication technology (ICT), transportation vehicles, public rights-of-way, and medical diagnostic equipment.
The Board is working to complete a final rule to refresh its accessibility requirements for ICT covered by Section 508 of the Rehabilitation Act and Section 255 of the Communications Act. The Board has finalized the text of the rule and is in the process of completing a companion discussion of the rule, referred to as the “preamble,” and the necessary cost-benefit analysis or “regulatory assessment.” During the July meeting, the Board heard a progress report on the regulatory assessment from its contractor. The Board is scheduled to vote on the full package later this summer and will then submit it to the Office of Management and Budget (OMB) for review. Once the rule is cleared by OMB, it will be published in the Federal Register and posted on the Board’s website.
Update of ADA Accessibility Guidelines for Buses and Vans
Rulemaking is underway to update the Board’s ADA Accessibility Guidelines for Transportation Vehicles. In May, the Board completed work on a final rule that updates guidelines for buses and vans which is currently under review by OMB. The Board will publish the rule once cleared by OMB and will then proceed with rulemaking to update portions of the vehicles guidelines covering rail cars according to recommendations it received from an advisory panel it chartered, the Rail Vehicles Access Advisory Committee, which submitted its report to the Board last year.
Medical Diagnostic Equipment Standards
Under the Affordable Care Act, the Board is developing new standards for medical diagnostic equipment, including examination tables and chairs, weight scales, radiological equipment, and mammography equipment. The Board is working to complete the final rule, including the preamble and regulatory assessment, for OMB’s review.
Guidelines for Public Rights-of-Way and Shared-Use Paths
The Board also is completing work on new guidelines that will address access to public streets and sidewalks and shared-use paths. The text of the guidelines has been finalized, and the Board is preparing the preamble and regulatory assessment.
The Board often invites guest speakers to its meetings to present information on various topics, including accessibility initiatives, new access challenges or “frontier issues,” innovative technologies or product solutions, and research results. At the July meeting, members received a presentation by Michele Erwin, the founder and president of All Wheels Up, Inc. an advocacy organization for improved accessibility aboard airplanes. The organization is promoting development and testing of restraint systems to accommodate wheelchairs aboard planes so that users do not have to transfer to boarding chairs and airplane seats.
In addition, Seanna Kringen, a Research Associate with Beneficial Designs, briefed the Board on new standards for accessible fitness equipment developed by the American Society for Testing and Materials (ASTM) and the Rehabilitation Engineering and Assistive Technology Society of North America (RESNA). She was joined by Ryan Eder, Founder & Chief Executive Officer of IncludeFitness Inc., who demonstrated examples of accessible fitness equipment developed in accordance with the new ASTM standards.
Outreach to Agencies and Organizations
|Board members and staff tour ASID’s new offices in Washington, D.C.
Over the past year, Board members have visited various agencies and organizations to learn more about their work and areas of mutual interest and to share information on Board resources, services, and initiatives. These discussion also have explored potential partnerships in publicizing the work of the Board, conducting trainings and webinars jointly, and promoting research. In July, Board members met with representatives of ASID, the American Institute of Architects, the American Public Transportation Association, and the Information Technology Industry Council. Board members previously visited the Department of Health and Human Services, the American Hotel & Lodging Association, the National Association of Counties, the National Restaurant Association, and others.
Next Board Meeting
The Board meets every two months. The next Board and committee meetings will take place September 12 – 14. Subscribe to Board news to receive updates on upcoming meetings and other Board events and activities.
Recent local news stories about credit card skimmers found in self-checkout lanes at some Walmart locations reminds me of a criminal sales pitch I saw recently for overlay skimmers made specifically for the very same card terminals.
Twitter locked millions of user accounts in response to password leak.
It was reported that the login credentials of more than 32 million Twitter users were compromised. According to LeakedSource, which indexes hacked credentials from data breaches, the credentials are being traded on the Dark Web for about 10 bitcoin a pop or a little under $6,000.
LeakedSource goes on to note that passwords are stored as plain text files, and many seem to be attached to Russian users. That detail indicates that the passwords were stolen from users, as opposed to through a hack into Twitter’s central systems.
In response to the leak, Twitter quickly initiated forced resets for many of its users.
As Fortune reported, Twitter remains adamant that its systems were not breached. But either way, the validity of many of the credentials led the company to react by locking down a number of accounts until the owners manually reset their passwords.
Wendy’s Admits Data Breach Much Worse Than Previously Reported
Click here to edit the content
Initially, the fast food chain discovered malware on its POS system at 5% of its franchisee-owned locations. However, they have recently uncovered a variant of the first malware.
“The attackers used a remote access tool to target a point-of-sale system that, as of the May 11th announcement, the Company believed had not been affected. This malware has been discovered on some franchise restaurants’ POS systems, and the number of franchise restaurants impacted by these cybersecurity attacks is now expected to be considerably higher than the 300 restaurants already implicated,” the restaurant said in its press release.
The release said the company has disabled the malware “on all franchise restaurants where it has been discovered” and it “continues to work aggressively with its experts and federal law enforcement to continue its investigation.”
Both security expert Brian Krebs and the National Association of Federal Credit Unions have accused Wendy’s of minimizing the issue, and have said the breach could be larger than the ones that affected Target(40 million customers) and Home Depot (56 million customers).
Remarkable new standing wheelchair for ADA
The skimmers keep coming up with ideas.
To further assist covered entities and people with disabilities to understand how the ADA applies to certain technologies, such as Web sites, electronic book readers, online courses, and point-of-sale devices.
Covered entities have longstanding obligations to make their programs, goods, services, and activities accessible—including those they provide online or via other technology. The new Web pages compile in one place the Department’s technical assistance and guidance about accessible technology, as well as information about the Department’s accessible technology enforcement efforts, regulation development, and other federal accessible technology resources and initiatives.
When the PCI Security Council issues its new payments security requirements on Thursday, it is going to impose new rules about authentication and service providers. What is intriguing about the new edicts is that it shows the council’s new acknowledgment that to protect payment, protections have to happen in the larger corporate universe.
The big change is requiring new multifactor authentication for anyone with access to the datastore. Good rule, just a little late to the party so to speak.
News from the U.S. Access Board • March/ April 2016
- Board to Hold Town Hall Meeting in Seattle on May 10
- Board to Release Next Installment of the Online Guide to the ADA and ABA Standards
- ASTM International Proposes Standard for Sidewalk Smoothness Based on Board Study
- Upcoming Board Webinars
- DOT to Undertake Negotiated Rulemaking on Air Travel Access Issues
The Access Board will hold a town hall meeting in Seattle onMay 10 at the University of Washington. The event will feature a panel discussion on implementation of accessibility requirements at the state and local levels and another on access to public transportation, including bus and rail systems and passenger vessels. Both panels will consist of speakers from the Seattle area and will be moderated by Board members.
An open forum will follow to allow members of the public to make comments or pose questions to the Board. The Board will provide a briefing on its mission and work and an update on its rulemaking activities under the ADA and other laws. The event will take place from 1:30 to 5:00 at the University of Washington Student Union. Registration is not required. Attendees are requested to refrain from using perfume, cologne, and other fragrances for the comfort of all participants.
For further information, contact David Baquis at email@example.com, (202) 272–0013 (voice), or (202) 272–0071 (TTY).
U.S. Access Board Panel Discussions and Town Hall Meeting
May 10, 1:30 – 5:00
Husky Union Building (the HUB), Room 250 (2nd floor)
University of Washington
4001 East Stevens Way, NE
Seattle, WA 98195-2230
Schedule of Events
• Welcome and Update on Access Board Activities
• Panel Discussion on Implementation of Accessibility Requirements
• Panel Discussion on Public Transportation Accessibility
• Open Forum
In May, the Board will release the next installment of its online guide to the ADA and the Architectural Barriers Act (ABA) Accessibility Standards. This material will cover Chapter 5 of the standards (General Site and Building Elements) and address accessible parking, passenger loading zones, and stairways. Technical bulletins on these subjects will explain and illustrate requirements, answer common questions, and offer best practice recommendations. The installment also will include an animation on accessible parking and passenger loading zones.
The Guide to the ADA Standards covers design requirements for places of public accommodation, commercial facilities, and state and local government facilities covered by the ADA. The Guide to the ABA Standards addresses similar standards that apply under the ABA to facilities that are designed, constructed, altered, or leased with federal funds. Bulletins on the first four chapters of the standards are currently available, as are animations on wheelchair maneuvering, entrances and doors, toilet and bathing facilities, and protruding objects.
Sign up for email updates to be notified of the release of these and future installments to the guide.
Rough and uneven surfaces can be uncomfortable, even painful, for people who use wheeled mobility aids. ASTM International, an organization that develops voluntary consensus standards, is proposing a new standard for the smoothness of sidewalk surfaces to ensure that they can be comfortably traversed by everyone, including those who use wheelchairs, scooters, and wheeled walkers, as well as people with strollers and roller boards. While there are ways to measure and analyze surface roughness for roadways, none are appropriate for pedestrian pathways.
According to ASTM International, the new standard will describe a method to collect and analyze data from a sidewalk to determine its roughness. The ASTM Committee E17 on Vehicle-Pavement Systems is overseeing its development.
The proposed standard, “Practice for Computing Pathway Roughness Index from Longitudinal Profile Measurements” (WK41917), is based on the results of a study funded by the Board that used subject testing to examine how the roughness of pathway surfaces impacts wheelchair travel. Conducted by the Human Engineering Research Laboratories at the University of Pittsburgh, the project measured body vibrations resulting from travel across various types of bumpy or uneven surfaces, including existing sidewalks and simulated surfaces. The results indicated a high correlation between surface roughness and exposure to whole body vibrations. Some test surfaces were rated as unacceptable by over half of the subjects due to the discomfort they caused. Based on the findings, researchers recommended a method and protocol for measuring surface roughness as the basis for a new standard. The project report, which is available on the Board’s website, also provides recommendations for a sidewalk roughness index threshold and for the design of a measurement device.
The next webinar in the Board’s free monthly series will take place May 5from 2:30 – 4:00 (ET) and will cover pedestrian signals that are accessible to all pedestrians, including those with vision impairments. A representative from the Federal Highway Administration will join Board staff in reviewing available signaling technologies and applicable provisions in the Manual on Uniform Traffic Control Devices. Other features of accessible intersections and street crossings, including curb ramps and detectable warnings, will be covered as well.
Visit www.accessibilityonline.org for more information or to register for the webinar. Questions can be submitted in advance of the session (total limited to 25) or can be posed during the webinar. Webinar attendees can earn continuing education credits. The webinar series is hosted by the ADA National Network in cooperation with the Board. Archived copiesof previous Board webinars are available on the site.
The Department of Transportation (DOT) announced plans to conduct a negotiated rulemaking on air travel accessibility through a committee of stakeholders and interested parties. This effort will address access to in-flight communications and entertainment, accessible restrooms on single-aisle aircraft, and coverage of service animals and supplement DOT’s regulations under the Air Carrier Access Act (ACAA) which prohibits discrimination on the basis of disability in air travel.
As outlined in a published notice, DOT plans to form a negotiation committee that will represent disability groups, airlines, airports, aircraft manufacturers, and other stakeholders. DOT plans to name approximately 25 members to the committee based on nominations received in response to the notice. The Accessible Air Transportation Advisory Committee will be responsible for adopting consensus recommendations on how DOT should address these issues through its ACAA regulations. It is expected to meet monthly from May to October 2016.
We often talk to site owners who are surprised that their sites are targeted by attackers. Most of them assume that if there isn’t any juicy data to steal, like credit card numbers, that compromising their site is a worthless exercise. Unfortunately they are wrong. Aside from data, a compromised site’s visitors can be monetized …
Good informative read.
The Mossack Fonseca (MF) data breach, aka Panama Papers, is the largest data breach to journalists in history and includes over 4.8 million emails.
Kinvey, the leading enterprise mobile Backend as a Service (mBaaS), today launched a HIPAA compliant mBaaS on Google Cloud Platform.
The fully-managed service will allow healthcare providers and pharma businesses to more rapidly adopt mobile strategies and mHealth, like connected medical devices, patient adherence apps to manage chronic diseases, apps for clinical trials.
This is a significant announcement for Kinvey + Google in the healthcare space — leapfrogging the likes of AWS, Microsoft Azure and IBM — who don’t have a similar complete offering for the healthcare and pharma industry.
“Even if your network’s connection is shut off, it can encrypt anything and everything it has access to,” Kim said. “All that you need is the email; even if you’re offline, that won’t protect you.”
Both viruses encrypt data and files – including backups on the network, while Maktub can also compress the encrypted files and data. Strong encryption is used to hold the files, until the encryption key is released by the attacker.
“There are more and more healthcare organizations getting hit, but it’s because the virus has evolved into this complex beast on how it’s deployed,” Kim said.
She recommended that healthcare organizations backup data in real-time, in order to revert to those files without losing information in case of an attack. Organizations also need store data offline, and networks should be segmented with a properly-configured firewall with routine risk assessments.
“We need to make sure we have a complete, strong security program that blocks the malware we know about,” Kim said. “So if something gets into our system, we can stop and eradicate it to stop the bleed. It’s also really important to block and tackle what you can – and have a plan.”
Kim added that there’s no substitute for good security.
“It really is a battle between these cyber criminals and the rest of us,” she said. “There definitely is a learning curve, but we can benefit as a community to try to build these solutions together.”
How can your jury operation accommodate someone with a disability and provide the same access as everyone else? Where are the areas to focus on?
The first place to review is your self-service, online functionality. The second area of your jury operation you can address is the juror check-in and attendance process. Finally, increasing the array of methods you provide jurors to access their jury information, the more likely you are to be ADA compliant. You can accommodate a greater portion of your juror-eligible population by providing a wider range of options. For example, if a person cannot see, they may be able to use an IVR telephony system.
Top News The San Diego newspaper reports that Alvarado Hospital Medical Center (CA) has been hit by an unspecified “malware disruption.” The hospital dec