I didn't attend the infamous Electronic Transaction Association (ETA) show this year, but others did and they send their regards. ETA is the geek get-together where all the who's who of electronic transactions show up. It's very "cliquey" because the industry (like others) is very incestuous and the players have all worked together at one company or another.

Friends of mine were there, some spoke and some had vendor booths, but they all know each other. This year was all about partnerships. Finding out who hired who and what company was partnered with what other company. It seems like partnerships mostly followed the path of people you know rather than anything else. It was just interesting to see these social networks evolve organically.

On the O'Reilly Radar, Marc quotes John Gall as saying the following. I think the same is true of social networks.

A complex system that works is invariably found to have evolved from a simple system that worked… A complex system designed from scratch never works and cannot be patched up to make it work. You have to start over, beginning with a working simple system.

So James DeLuccia at Optimal Security reports on his experience at ETA.

I have had the privilege to speak with dozens of companies and sit through several discussions on the payment industry and the PCI DSS requirements. This entry contains my notes and takeaways from the first day. These takeaways include:

  • PCI DSS program Updates (new version, changes!)
  • Threats, Trends, and Analysis
  • Safe harbor for Small Merchants
  • PCICo
  • Top Reasons for Compromises
  • Top Actions to mitigate compromises