Contact
FAQs
Change Your Language
English
Français (French)
Français (Canada)
Español
日本語
Deutsch
Italiano
Português
中文
Русский
Türkçe
Toggle Menu
Get Started
Get Started
PCI Security Essentials
Overview
Why Security Matters
How to Secure
Maintaining Payment Security
Completing Self Assessment
Standards Overview
Glossary
Merchant Resources
Getting Started with PCI
Data Security Essentials Evaluation Tool
PCI Perspectives Blog
Self-Assessment Questionnaires (SAQ)
Assessors & Solutions
Assessors & Solutions
Assessor Overview
Assessors
3DS Assessors
Approved Scanning Vendors
Internal Security Assessors
Payment Application Assessors
Point-to-Point Encryption Assessors
Qualified PIN Assessors
Qualified Security Assessors
Products and Solutions
3DS Software Development Kits
Approved PTS Devices
Payment Applications
Point to Point Encryption Solutions
Software-based PIN Entry on COTS (SPoC) Solutions
Additional Resources
PCI Forensic Investigators
U.S. EMV VAR Qualification Program
PCI Professionals
Qualified Integrators and Resellers
PCI Recognized Laboratories
Give Feedback
Document Library
Training & Qualification
Training & Qualification
Overview
3DS Assessor
Approved Scanning Vendor
Associate QSA
Internal Security Assessor
Payment Application QSA
PCI Acquirer Training
PCI Awareness Training
PCI Forensic Investigator
PCI Professional
P2PE Assessors
Qualified Integrator and Reseller
Qualified PIN Assessors
Qualified Security Assessor
Webinars
Meet Our Trainers
Training FAQ
Program Fees
Become Qualified
Corporate Group Training
About Us
About Us
Overview
Leadership
Jobs at PCI
Contact Us
Antitrust Policy
Privacy Policy
IPR Policy
Get Involved
Get Involved
Overview
Affiliate Members
Board of Advisors
Global Executive Assessor Roundtable
Participating Organization Application
Participating Organizations
Regional Engagement Board
Special Interest Groups
Strategic Members
Strategic Regional Members
Community Meetings
2019 Latin America Forum
2019 North America Community Meeting
2019 Europe Community Meeting
2019 Asia-Pacific Community Meeting
Past Community Meetings
Event Photo Gallery
Request for Comments
Newsroom
Newsroom
Newsroom Home Page
Blog
Announcements
In the News
Events
FAQs
PCI Perspectives
Insights, information and practical resources to help your organization protect payment data.
How Industry Collaboration Created a Unified PIN Standard
Posted by
Mark Meissner
on
20 Jan, 2020
in
Interview
and
PIN Assessments
On the blog we discuss a joint collaboration between PCI SSC and ASC X9 to create a unified PIN stan...
READ MORE
Online Skimming and Payment Security
Posted by
Mark Meissner
on
9 Jan, 2020
in
eCommerce
and
Breaches
and
Guidance
and
Patching
and
Hackers
and
Awareness
and
Interview
and
PCI DSS
and
Multi-Factor Authentication
and
PCI SSC
On the blog, we cover basic questions with Christopher D. Roberti, Senior Vice President for Cyber, ...
READ MORE
Women in Payments: Q&A with Stacy Hughes
Posted by
Mark Meissner
on
6 Jan, 2020
in
Interview
and
PCI SSC
We at the PCI Security Standards Council believe strongly that there is a need for more women in cyb...
READ MORE
Increasing Industry Participation and Knowledge
Posted by
Laura K. Gray
on
18 Dec, 2019
in
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
Increasing industry participation and knowledge is a core pillar in the PCI Security Standards Counc...
READ MORE
P2PE v3.0: What Merchants Need to Know
Posted by
Lindsay Goodspeed
on
12 Dec, 2019
in
Point to Point Encryption (P2PE)
The updates to the P2PE Standard and supporting program is part of the Council’s mission to evolve s...
READ MORE
P2PE v3.0: What Vendors and Assessors Need to Know
Posted by
Lindsay Goodspeed
on
12 Dec, 2019
in
Point to Point Encryption (P2PE)
and
Interview
The updates to the P2PE Standard and supporting program are part of the Council’s mission to evolve ...
READ MORE
Increasing Standards Alignment and Consistency
Posted by
Laura K. Gray
on
11 Dec, 2019
in
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
Increasing standards alignment and consistency is a core pillar in the PCI Security Standards Counci...
READ MORE
Be Alert this Holiday Season: Payment Security Tips for Businesses
Posted by
Mark Meissner
on
5 Dec, 2019
in
Small Business
and
Small Merchant Resources
and
Educational Resource
On this blog we explore the challenges around security of payment data during the hectic holiday sea...
READ MORE
Just Published: PCI Contactless Payments on COTS
Posted by
Laura K. Gray
on
4 Dec, 2019
in
Mobile
and
Contactless
The PCI Security Standards Council (PCI SSC) has published a new data security standard for solution...
READ MORE
Securing Emerging Payment Channels
Posted by
Laura K. Gray
on
3 Dec, 2019
in
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
Securing emerging payment channels is a core pillar in the PCI Security Standards Council’s (PCI SSC...
READ MORE
ISA in Practice Case Study: TIVIT
Posted by
Laura K. Gray
on
21 Nov, 2019
in
Training
and
Case Study
and
Internal Security Assessor (ISA)
and
Brazil
and
Regional Engagement Board
To better serve its customers in the payment card industry and support their PCI Data Security Sta...
READ MORE
Evolving PCI Standards and Validation
Posted by
Laura K. Gray
on
20 Nov, 2019
in
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
Evolving PCI Standards and Validation is a core pillar in the PCI Security Standards Council’s strat...
READ MORE
ISA in Practice Case Study: Braspag
Posted by
Laura K. Gray
on
14 Nov, 2019
in
Training
and
Case Study
and
Internal Security Assessor (ISA)
and
Brazil
and
Regional Engagement Board
Driven by a need to improve internal security controls, help improve the company’s interactions wi...
READ MORE
Vote Now for 2020 Special Interest Group Projects
Posted by
Lindsay Goodspeed
on
11 Nov, 2019
in
Guidance
and
SIGs
and
Participation
From now through 25 November PCI SSC Participating Organizations are invited to vote on proposals ...
READ MORE
PCI DSS in Practice Case Study: FIS
Posted by
Laura K. Gray
on
7 Nov, 2019
in
PCI DSS
and
Case Study
and
Brazil
and
Regional Engagement Board
FIS faced the challenge of coordinating several simultaneous assessments across its organization a...
READ MORE
Key Blocks 104
Posted by
Mark Meissner
on
4 Nov, 2019
in
Point to Point Encryption (P2PE)
and
Encryption
and
PIN Security Standard
and
Key Blocks
The PCI PIN Standard requires implementation of Key Blocks. On this blog, the fourth of the series, ...
READ MORE
Participation Opportunity: 2020-2021 Brazil Regional Engagement Board
Posted by
Laura K. Gray
on
1 Nov, 2019
in
PCI DSS
and
Participation
and
Brazil
and
Regional Engagement Board
From 1-29 November 2019, the PCI Security Standards Council (PCI SSC) is accepting nominations from ...
READ MORE
What to Know about PCIP Requalification
Posted by
Elizabeth Terry
on
30 Oct, 2019
in
Training
and
Awareness
and
Certification
and
Participation
and
PCIP
The Payment Card Industry Professional (PCIP) is an individual, entry-level qualification in payme...
READ MORE
Request for Comments: PCI DSS Version 4.0
Posted by
Laura K. Gray
on
28 Oct, 2019
in
PCI DSS
and
Request for Comments
From 28 October to 13 December 2019, PCI SSC stakeholders can participate in a Request for Comment...
READ MORE
Coming Soon: New Contactless Standard
Posted by
Laura K. Gray
on
23 Oct, 2019
in
Community Meetings
and
Interview
and
PTS POI
and
Mobile
and
Contactless
In December, PCI SSC plans to publish a new standard for solutions that enable “tap and go” transa...
READ MORE
How the Council is Evolving to Secure the Future of Payments
Posted by
Lindsay Goodspeed
on
22 Oct, 2019
in
Community Meetings
and
Interview
and
PCI DSS
In his presentation at the 2019 PCI Community Meeting this week in Dublin, Chief Technology Officer ...
READ MORE
Resource Guide: Transitioning from PA-DSS to the Software Security Framework
Posted by
Laura K. Gray
on
21 Oct, 2019
in
Apps
and
Community Meetings
and
PA-DSS
and
Resource Guide
and
Software Security Framework
The PCI Security Standards Council (PCI SSC) has published a resource guide with key information t...
READ MORE
PCI DSS in Practice Case Study: Braspag
Posted by
Laura K. Gray
on
17 Oct, 2019
in
PCI DSS
and
Case Study
and
Brazil
and
Regional Engagement Board
Braspag was challenged with managing the costs involved with implementing and maintaining the PCI ...
READ MORE
PCI DSS in Practice Case Study: Decolar
Posted by
Laura K. Gray
on
10 Oct, 2019
in
PCI DSS
and
Cloud Security
and
Case Study
and
Brazil
and
Regional Engagement Board
Decolar needed to ensure that PCI Data Security Standard (PCI DSS) controls were being maintained ...
READ MORE
New Assessor Opportunity: PCI Software Security Framework
Posted by
Laura K. Gray
on
2 Oct, 2019
in
QSA
and
Software Security Framework
and
Assessors
PCI SSC has launched a new assessor qualification program to support the PCI Software Security Fra...
READ MORE
3 Things to Know About P2PE v3.0
Posted by
Lindsay Goodspeed
on
19 Sep, 2019
in
Point to Point Encryption (P2PE)
and
Community Meetings
The PCI P2PE Standard provides a comprehensive set of security requirements for validation of P2PE s...
READ MORE
5 Questions About PCI DSS v4.0
Posted by
Laura K. Gray
on
18 Sep, 2019
in
Community Meetings
and
PCI DSS
and
Request for Comments
In this interview with the Council’s Global Head of Standards, Emma Sutcliffe, we address key questi...
READ MORE
Executive Director Q&A: PCI SSC Strategic Framework
Posted by
Laura K. Gray
on
17 Sep, 2019
in
Community Meetings
and
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
In his keynote presentation at the 2019 PCI Community Meeting this week in Vancouver, Executive Dire...
READ MORE
Understanding the PCI Software Security Framework: New Educational Resources
Posted by
Laura K. Gray
on
16 Sep, 2019
in
Apps
and
PA-DSS
and
Resource Guide
and
Software Security Framework
Ahead of the North America Community Meeting this week in Vancouver, PCI SSC has published new educ...
READ MORE
Closing the Gender Gap in Payment Security
Posted by
Mark Meissner
on
30 Aug, 2019
in
Interview
and
PCI SSC
September 1, 2019 is International Women in Cyber Day. On the blog, we profile Emma Sutcliffe, Head...
READ MORE
Key Blocks 103
Posted by
Mark Meissner
on
27 Aug, 2019
in
Point to Point Encryption (P2PE)
and
Encryption
and
PIN Security Standard
and
Key Blocks
The PCI PIN Standard requires implementation of Key Blocks. On the blog, the third of the series, w...
READ MORE
Regional Update: PCI Latin America Forum in Brazil
Posted by
Laura K. Gray
on
16 Aug, 2019
in
Interview
and
Participation
and
Brazil
and
Regional Engagement Board
The PCI SSC Latin America Forum took place this week in São Paulo, Brazil, gathering more than 350 p...
READ MORE
Key Blocks 102
Posted by
Mark Meissner
on
15 Aug, 2019
in
Encryption
and
PIN Security Standard
and
Key Blocks
The PCI PIN Standard requires implementation of Key Blocks. On the blog, we cover basic questions a...
READ MORE
3 Things to Know about PCI DSS v4.0 Development
Posted by
Laura K. Gray
on
5 Aug, 2019
in
PCI DSS
and
Request for Comments
PCI SSC stakeholders play an important role in the ongoing evolution of the PCI Data Security Standa...
READ MORE
The Threat of Online Skimming to Payment Security
Posted by
Mark Meissner
on
1 Aug, 2019
in
eCommerce
and
Breaches
and
Guidance
and
Patching
and
Hackers
and
Phishing
and
Awareness
and
PCI DSS
and
Multi-Factor Authentication
and
PCI SSC
How the emerging threat of online skimming presents a great threat to the payment security community...
READ MORE
Information Supplement: Best Practices for Maintaining PCI DSS Compliance
Posted by
Lindsay Goodspeed
on
31 Jul, 2019
in
PCI DSS
and
Compliance
and
SIGs
and
BAU
and
Resource Guide
Information Supplement: Best Practices for Maintaining PCI DSS Compliance provides updated guidance ...
READ MORE
5 Common Questions About Continuing Professional Education Credits
Posted by
Elizabeth Terry
on
25 Jul, 2019
in
Point to Point Encryption (P2PE)
and
Training
and
QSA
and
FAQ
Continuing professional education is an important component of PCI SSC Qualification. Staying up to ...
READ MORE
Request for Comments: Contactless Payments on COTS Standard
Posted by
Laura K. Gray
on
22 Jul, 2019
in
Mobile
and
Request for Comments
and
Contactless
From 22 July to 20 August 2019, PCI SSC stakeholders can participate in a Request for Comments (RFC)...
READ MORE
PCI Software Security Framework FAQS: PA-DSS Impact and Transition
Posted by
Laura K. Gray
on
19 Jul, 2019
in
Software
and
PA-DSS
and
FAQ
and
Software Security Framework
New FAQs address key questions on the transition from PA-DSS to the PCI Software Security Framework.
READ MORE
NIST Mapping
Posted by
Mark Meissner
on
17 Jul, 2019
in
Infographic
and
Guidance
and
PCI DSS
Mapping PCI DSS v. 3.2.1 to the NIST Cybersecurity Framework v. 1.1 How meeting PCI DSS requiremen...
READ MORE
FAQ: Can organizations use alternative password management methods to meet PCI DSS Requirement 8?
Posted by
Lindsay Goodspeed
on
11 Jul, 2019
in
Passwords
and
PCI DSS
and
Multi-Factor Authentication
and
FAQ
Did you know that the Frequently Asked Questions (FAQ) resource on the PCI SSC website is updated re...
READ MORE
Key Blocks 101
Posted by
Mark Meissner
on
9 Jul, 2019
in
Encryption
and
PIN Security Standard
and
Key Blocks
The PCI PIN Security Requirements and Testing Procedures (PCI PIN Security Standard) require impleme...
READ MORE
New Software Security Framework Programs: Timeline & Key Milestones
Posted by
Laura K. Gray
on
26 Jun, 2019
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
PCI SSC has announced the rollout of the Secure Software Lifecycle (Secure SLC) and Secure Software ...
READ MORE
Guidance: PIN Security Requirement 18-3 Key Blocks
Posted by
Laura K. Gray
on
19 Jun, 2019
in
Guidance
and
PIN Security Standard
and
Key Blocks
The PIN Security Requirement 18-3 Key Blocks Information Supplement provides a series of FAQs to hel...
READ MORE
PCI on Mobile Payment Acceptance: SPoC and Contactless Updates
Posted by
Laura K. Gray
on
29 May, 2019
in
Software
and
Mobile
and
SPoC
and
Contactless
PCI SSC recently completed the first of two request for comments (RFC) periods on the draft PCI Co...
READ MORE
PCI Software Security Framework: Update on Assessor Qualification
Posted by
Laura K. Gray
on
23 May, 2019
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
Who will be eligible to conduct assessments under the PCI Software Security Framework? How will th...
READ MORE
Request for Comments: P2PE Standard v3.0
Posted by
Lindsay Goodspeed
on
22 May, 2019
in
Point to Point Encryption (P2PE)
and
Participation
and
Request for Comments
From 20 May to 19 June, PCI SSC stakeholders can participate in a Request for Comments (RFC) on th...
READ MORE
Programs Update: PCI Software Security Framework
Posted by
Laura K. Gray
on
25 Apr, 2019
in
Software
and
Apps
and
Interview
and
PCI DSS
and
Software Security Framework
New validation programs are being developed to support the PCI Software Security Standards. Together...
READ MORE
PCI Standards in 2019: Q&A with CTO Troy Leach
Posted by
Laura K. Gray
on
12 Apr, 2019
in
Point to Point Encryption (P2PE)
and
Interview
and
PCI DSS
and
PTS POI
and
Third Party Risk
and
Participation
and
Request for Comments
and
SPoC
and
Software Security Framework
and
Contactless
What do stakeholders need to know about PCI Security Standards in 2019? PCI SSC Chief Technology Off...
READ MORE
What to Know About the New Card Production Security Assessor Program
Posted by
Lindsay Goodspeed
on
11 Apr, 2019
in
Training
and
Interview
and
Assessors
and
CPSA Program
and
Card Production Standard
PCI SSC is in the process of launching a new program to train and qualify security professionals to ...
READ MORE
PCI Council Executive Director on 2019 Priorities
Posted by
Laura K. Gray
on
28 Mar, 2019
in
Interview
and
PCI SSC
and
Participation
A little more than a year into his role as Executive Director, Lance Johnson provides an update on w...
READ MORE
Resource for Small Merchants: Firewall Basics
Posted by
Lindsay Goodspeed
on
15 Mar, 2019
in
Small Business
and
Infographic
and
Firewalls
and
Small Merchant Resources
and
SMB Series
and
Resource Guide
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
PCI DSS: Looking Ahead to Version 4.0
Posted by
Laura K. Gray
on
6 Mar, 2019
in
PCI DSS
PCI SSC has begun efforts on PCI Data Security Standard version 4.0 (PCI DSS v4.0). Here we provide ...
READ MORE
Regional Update: India
Posted by
Laura K. Gray
on
5 Mar, 2019
in
Interview
and
Participation
and
India
Associate Regional Director for India, Nitin Bhatnagar, provides an update on PCI SSC efforts in the...
READ MORE
Resource for Small Merchants: Glossary of Payment and InfoSec Terms
Posted by
Lindsay Goodspeed
on
28 Feb, 2019
in
Small Business
and
Guidance
and
Small Merchant Resources
and
SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
Request for Comments: PCI SPoC MSR Annex
Posted by
Laura K. Gray
on
26 Feb, 2019
in
Software
and
Participation
and
Request for Comments
and
SPoC
From 26 Feb to 26 March, PCI SSC stakeholders can participate in a Request for Comments (RFC) on t...
READ MORE
Applications Now Open for Qualified PIN Assessor Program
Posted by
Lindsay Goodspeed
on
20 Feb, 2019
in
Training
and
ATM Security
and
QSA
and
PIN Security Standard
and
Assessors
and
QPA
PCI SSC is now accepting applications for the Qualified PIN Assessor (QPA) Program.
READ MORE
Understanding the RFC Process: New Guidance
Posted by
Mark Meissner
on
15 Feb, 2019
in
Infographic
and
PCI SSC
and
Participation
and
Request for Comments
Request for Comments (RFC) periods are avenues for PCI SSC stakeholders to provide feedback on exi...
READ MORE
Resource for Small Merchants: Common Payment Systems
Posted by
Lindsay Goodspeed
on
12 Feb, 2019
in
Small Business
and
Guidance
and
Small Merchant Resources
and
SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
Lead QSA Rotation as Best Practice
Posted by
Elizabeth Terry
on
5 Feb, 2019
in
PCI DSS
and
Compliance
and
QSA
PCI SSC continually seeks to increase the baseline standard of quality within the assessor communi...
READ MORE
Update to Maintaining Compliance Information Supplement
Posted by
Lindsay Goodspeed
on
29 Jan, 2019
in
Guidance
and
Awareness
and
PCI DSS
and
Compliance
and
SIGs
and
BAU
The Council just published Information Supplement: Best Practices for Maintaining PCI DSS Complian...
READ MORE
Resource for Small Merchants: Questions to Ask Your Vendors
Posted by
Lindsay Goodspeed
on
28 Jan, 2019
in
Small Business
and
Small Merchant Resources
and
SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
PCI SPoC and Contactless Standards: What to Expect in 2019
Posted by
Laura K. Gray
on
25 Jan, 2019
in
Mobile
and
Request for Comments
and
SPoC
and
Contactless
At the PCI Security Standards Council (PCI SSC) we continue to evolve PCI Security Standards to prov...
READ MORE
Resource for Small Merchants: Guide to Safe Payments
Posted by
Lindsay Goodspeed
on
24 Jan, 2019
in
Small Business
and
Small Merchant Resources
and
SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
Coming Soon: Qualified PIN Assessor Program
Posted by
Lindsay Goodspeed
on
23 Jan, 2019
in
Training
and
Interview
and
ATM Security
and
QSA
and
PIN Security Standard
and
Assessors
PCI SSC is in the process of launching a new program to train and qualify security professionals to ...
READ MORE
PCI SSC in Brazil: New Regional Engagement Board for 2019
Posted by
Laura K. Gray
on
18 Jan, 2019
in
Interview
and
Participation
and
Brazil
and
Regional Engagement Board
PCI SSC has announced a newly expanded Brazil Regional Engagement Board. Here we talk with PCI SSC R...
READ MORE
Just Published: New PCI Software Security Standards
Posted by
Laura K. Gray
on
16 Jan, 2019
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
PCI SSC has published the PCI Secure Software Standard and the PCI Secure Software Lifecycle (Secure...
READ MORE
PCI DSS: Reminders and Resources
Posted by
Laura K. Gray
on
17 Dec, 2018
in
TLS/SSL
and
PCI DSS
and
Cloud Security
and
Multi-Factor Authentication
and
FAQ
Version 3.2 of the PCI Data Security Standard (PCI DSS) will be retired at the end of 2018. Here are...
READ MORE
Update on PCI Software Security Framework
Posted by
Laura K. Gray
on
14 Dec, 2018
in
Software
and
Apps
and
PA-DSS
and
Software Security Framework
PCI SSC is developing a new PCI Software Security Framework, a collection of software security stand...
READ MORE
What’s New in PCI 3DS SDK Security Standard Version 1.1?
Posted by
Laura K. Gray
on
13 Dec, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
3DS
Today, the PCI SSC published a minor revision to the PCI 3-D Secure Software Development Kit (3DS SD...
READ MORE
Payment Security in India
Posted by
Laura K. Gray
on
6 Dec, 2018
in
Interview
and
Participation
and
India
PCI SSC has hired Nitin Bhatnagar to lead its efforts in India. As Associate Director for India he...
READ MORE
Vote Now for 2019 Special Interest Group Projects
Posted by
Laura K. Gray
on
3 Dec, 2018
in
SIGs
and
Participation
From 3 – 19 December PCI SSC Participating Organizations are invited to vote on proposals for 2019...
READ MORE
Industry Guidance on Accepting Telephone Payments Securely
Posted by
Lindsay Goodspeed
on
27 Nov, 2018
in
Guidance
and
PCI DSS
and
SIGs
PCI SSC just published an updated version of the Special Interest Group information supplement Pro...
READ MORE
A Message from PCI SSC Executive Director: The Board of Advisors Needs Your Vote
Posted by
Lance J. Johnson
on
9 Nov, 2018
in
Board of Advisors
and
Participation
PCI SSC Participating Organizations, one of the best ways for you to ensure your issues and perspect...
READ MORE
Vote Now for the 2019-2020 PCI SSC Board of Advisors
Posted by
Laura K. Gray
on
5 Nov, 2018
in
Board of Advisors
and
Participation
From 5- 16 November 2018 the primary business contact for each Participating Organization and Affilia...
READ MORE
Dutch Payments Association: Payment Security and Collaboration in Europe
Posted by
Laura K. Gray
on
18 Oct, 2018
in
Community Meetings
and
Interview
and
Participation
At the Europe Community Meeting in London this week, a panel of European industry associations and s...
READ MORE
PCI Software Security Standards Coming Soon
Posted by
Laura K. Gray
on
17 Oct, 2018
in
Software
and
Apps
and
Community Meetings
and
Interview
and
PA-DSS
and
Participation
and
Software Security Framework
PCI SSC is in the process of finalizing new PCI Security Standards for the secure design and develop...
READ MORE
On Payment Security in Europe
Posted by
Laura K. Gray
on
16 Oct, 2018
in
Community Meetings
and
Interview
and
Small Merchant Resources
and
Participation
and
3DS
At the Europe Community Meeting in London this week International Director for Europe, Jeremy King, ...
READ MORE
PCI DSS in Practice Case Study: AccorHotels and Vigitrust
Posted by
Laura K. Gray
on
15 Oct, 2018
in
Case Study
AccorHotels needed a comprehensive multinational, multidimensional, and multicultural PCI Data Sec...
READ MORE
What’s Next for PCI Card Production and Provisioning?
Posted by
Laura K. Gray
on
12 Oct, 2018
in
Community Meetings
and
Interview
and
Card Production
What happens next with the PCI Card Production and Provisioning Standards? PCI SSC Chief Technology ...
READ MORE
How Innovation is Changing Payment Security (and Standards)
Posted by
Lindsay Goodspeed
on
27 Sep, 2018
in
Point to Point Encryption (P2PE)
and
Community Meetings
and
Interview
and
Small Merchant Resources
and
Participation
In this interview from the 2018 North America Community Meeting, we sit down with Chief Technology O...
READ MORE
How Industry Collaboration and Feedback Shapes PCI SSC Programs
Posted by
Lindsay Goodspeed
on
27 Sep, 2018
in
Community Meetings
and
Certification
and
QIR
and
SIGs
and
QSA
and
Participation
In his talk at the 2018 North America Community Meeting, COO Mauro Lance discusses how collaboration...
READ MORE
State of the PCI Security Standards Council
Posted by
Lindsay Goodspeed
on
26 Sep, 2018
in
Community Meetings
and
Board of Advisors
and
Participation
In his keynote address to the 2018 North America Community Meeting, Lance Johnson shares his vision ...
READ MORE
Council CTO on Verizon’s 2018 Payment Security Report
Posted by
Lindsay Goodspeed
on
25 Sep, 2018
in
Point to Point Encryption (P2PE)
and
Community Meetings
and
PCI DSS
and
Compliance
and
BAU
Verizon recently released its 2018 Payment Security Report. During North America PCI Community Meeti...
READ MORE
What’s Next for the PCI P2PE Standard?
Posted by
Lindsay Goodspeed
on
21 Sep, 2018
in
Point to Point Encryption (P2PE)
and
Interview
and
Request for Comments
What happens next with the PCI Point-to-Point Encryption (P2PE) Standard? PCI SSC Chief Technology...
READ MORE
Help Secure Payment Data: PCI SSC Participation Opportunities
Posted by
Laura K. Gray
on
21 Sep, 2018
in
SIGs
and
Board of Advisors
and
PCI SSC
and
Participation
The PCI Security Standards Council (PCI SSC) leads a global, cross-industry effort to increase pay...
READ MORE
PCIP in Practice Case Study: Excentus
Posted by
Laura K. Gray
on
13 Sep, 2018
in
Training
and
PCI Professional
and
Case Study
Excentus chose PCI Professional (PCIP) training and certification for its staff to help with forma...
READ MORE
Helping Small Merchants Protect Payment Card Data
Posted by
Lindsay Goodspeed
on
30 Aug, 2018
in
Small Business
and
Community Meetings
and
Small Merchant Resources
In this post, we get insights from Jenna Hutt, Retail Technology Specialist, Rocky Mountain Chocolat...
READ MORE
Threats Facing Small Merchants: A New Tool to Help
Posted by
Lindsay Goodspeed
on
28 Aug, 2018
in
Small Business
and
Firewalls
and
Small Merchant Resources
and
SMB Series
Troy Leach, Chief Technology Officer of the PCI SSC discusses how the Council is helping small mer...
READ MORE
ISA in Practice Case Study: Cafe Rio Mexican Grill
Posted by
Laura K. Gray
on
23 Aug, 2018
in
Training
and
Case Study
and
Internal Security Assessor (ISA)
Looking for in-house PCI knowledge that would help the company stay in front of security requireme...
READ MORE
Impact Payment Security Globally: Serve on the PCI SSC Board of Advisors
Posted by
Laura K. Gray
on
17 Aug, 2018
in
Board of Advisors
and
PCI SSC
and
Participation
The Board of Advisors represents PCI Security Standards Council (PCI SSC) Participating Organization...
READ MORE
Request for Comments: PCI 3DS SDK Security Standard v1.1
Posted by
Laura K. Gray
on
14 Aug, 2018
in
Participation
and
Mobile
and
Request for Comments
and
3DS
From 14 August to 28 August the PCI community, including Participating Organizations, 3-D Secure (3D...
READ MORE
Final Request for Comments: Draft PCI Software Security Framework
Posted by
Laura K. Gray
on
31 Jul, 2018
in
Software
and
Apps
and
PA-DSS
and
Participation
and
Request for Comments
and
Software Security Framework
From 31 July to 7 September, PCI SSC stakeholders are invited to review and provide final feedback o...
READ MORE
PCI 3-D Secure Software Development Kit (3DS SDK) Program Now Available
Posted by
Laura K. Gray
on
27 Jul, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
3DS
Today, the PCI SSC published documentation for vendors and labs to use in developing and evaluating ...
READ MORE
Contactless Payments: PCI SSC on Plans to Develop Security Standard for Payment Acceptance on Merchant COTS Devices
Posted by
Laura K. Gray
on
28 Jun, 2018
in
Interview
and
Mobile
and
Contactless
PCI SSC is in the beginning stages of developing a security standard for accepting contactless payme...
READ MORE
Infographic: Patching
Posted by
Laura K. Gray
on
21 Jun, 2018
in
Small Business
and
Infographic
and
Patching
and
Awareness
and
Vendors
and
QIR
and
Small Merchant Resources
The use of outdated and unpatched software is one of the leading causes of payment data breaches for...
READ MORE
What Happens After 30 June 2018? New Guidance on Use of SSL/Early TLS
Posted by
Laura K. Gray
on
15 Jun, 2018
in
Guidance
and
TLS/SSL
and
PCI DSS
Following the release of PCI DSS v3.2.1 to account for dates that have already passed, such as the 3...
READ MORE
Video: Patching
Posted by
Laura K. Gray
on
13 Jun, 2018
in
Small Business
and
Patching
and
Awareness
and
QIR
and
Small Merchant Resources
and
Video
Unpatched software is one of the leading causes of payment data breaches for businesses.
READ MORE
Q&A with Community Meeting Speakers Sajal Islam and David McGregor
Posted by
Lindsay Goodspeed
on
24 May, 2018
in
Point to Point Encryption (P2PE)
and
Community Meetings
and
Interview
and
PTS POI
and
APAC
Asia-Pacific Community Meeting speakers Sajal Islam, Audit Manager, UL, and David McGregor, Manager ...
READ MORE
Infographic: Strong Passwords
Posted by
Laura K. Gray
on
22 May, 2018
in
Small Business
and
Infographic
and
Passwords
and
Awareness
and
Vendors
and
QIR
and
Small Merchant Resources
The use of weak and default passwords is one of the leading causes of payment data breaches for busi...
READ MORE
Q&A with Community Meeting Speaker Swati Sharma
Posted by
Lindsay Goodspeed
on
18 May, 2018
in
Community Meetings
and
Interview
and
QSA
and
APAC
Asia-Pacific Community Meeting speaker Swati Sharma, QSA, CISSP, CISM discusses the payment securi...
READ MORE
PCI DSS Now and Looking Ahead
Posted by
Laura K. Gray
on
17 May, 2018
in
TLS/SSL
and
Interview
and
PCI DSS
Today the PCI SSC published a minor revision to the PCI Data Security Standard (PCI DSS) to account ...
READ MORE
3 Things to Know About the PCI Software Security Framework in 2018
Posted by
Laura K. Gray
on
11 May, 2018
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
As payments evolve, PCI SSC continues to evolve PCI Security Standards and programs for securing pay...
READ MORE
Video: Strong Passwords
Posted by
Laura K. Gray
on
3 May, 2018
in
Small Business
and
Passwords
and
Awareness
and
QIR
and
Small Merchant Resources
and
Video
The use of weak and default passwords is one of the leading causes of payment data breaches for busi...
READ MORE
Infographic: Secure Remote Access
Posted by
Laura K. Gray
on
27 Apr, 2018
in
Infographic
and
Awareness
and
QIR
and
Multi-Factor Authentication
and
Remote Access
Insecure remote access is one of the leading causes of payment data breaches for businesses.
READ MORE
PCI Software-based PIN Entry on COTS Program Now Available
Posted by
Laura K. Gray
on
24 Apr, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
SPoC
Earlier this year, the PCI SSC published the PCI Software-based PIN Entry on COTS (SPoC) Standard, w...
READ MORE
New FAQs on Software-based PIN Entry on COTS
Posted by
Laura K. Gray
on
20 Apr, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
SPoC
Earlier this year, the PCI SSC published the PCI Software-based PIN Entry on COTS (SPoC) Standard, w...
READ MORE
Coming Soon: Minor PCI DSS Revision
Posted by
Laura K. Gray
on
18 Apr, 2018
in
PCI DSS
A minor revision to the PCI Data Security Standard (PCI DSS) will be published next month. The new...
READ MORE
PCI P2PE in Practice Case Study: Northwestern University and CardConnect
Posted by
Laura K. Gray
on
13 Apr, 2018
in
Point to Point Encryption (P2PE)
and
Case Study
With a mission to enhance the level of transactional data security across every payment location o...
READ MORE
Video: Secure Remote Access
Posted by
Laura K. Gray
on
9 Apr, 2018
in
Awareness
and
QIR
and
Small Merchant Resources
and
Multi-Factor Authentication
and
Remote Access
and
Video
Insecure remote access is one of the leading causes of payment data breaches for businesses.
READ MORE
ISACA Partners with PCI SSC to Provide Discount on Industry Certifications
Posted by
Laura K. Gray
on
5 Apr, 2018
in
Certification
and
Interview
and
QSA
As introduced in August 2017, in 2019 the PCI SSC will increase the industry-recognized professional...
READ MORE
4 Things to Know About PCI DSS in 2018
Posted by
Laura K. Gray
on
29 Mar, 2018
in
TLS/SSL
and
PCI DSS
What happens next with the PCI Data Security Standard (PCI DSS)? Here we look at key updates and m...
READ MORE
Share This: New Resources for Businesses on Payment Data Security Essentials
Posted by
Laura K. Gray
on
28 Mar, 2018
in
Small Business
and
Breaches
and
Infographic
and
Patching
and
Passwords
and
QIR
and
Small Merchant Resources
and
Multi-Factor Authentication
and
Remote Access
and
Video
New Payment Data Security Essentials video and infographics series aims to educate businesses on t...
READ MORE
Q&A with Community Meeting Speaker Steve Marshall
Posted by
Lindsay Goodspeed
on
22 Mar, 2018
in
PCI Forensic Investigator (PFI)
and
Community Meetings
and
Interview
and
BAU
and
MEAF
and
QSA
and
APAC
Community Meetings are hosted by the PCI Security Standards Council in locations around the world.
READ MORE
Video: PCI SSC Updates Training and Certification Program for Integrators and Resellers
Posted by
Laura K. Gray
on
21 Mar, 2018
in
Breaches
and
Patching
and
Passwords
and
Certification
and
Interview
and
QIR
and
Remote Access
and
Video
Watch this video with PCI SSC’s Chief Operating Officer on how training integrators and resellers ...
READ MORE
The QIR Program is Changing: Here’s What You Need to Know
Posted by
Lindsay Goodspeed
on
14 Mar, 2018
in
Patching
and
Passwords
and
Interview
and
QIR
and
Remote Access
The PCI SSC continually listens to feedback and adapts its standards and programs to meet evolving n...
READ MORE
Webinar: SSL and Early TLS Migration: Preparing for 30 June Deadline
Posted by
Laura K. Gray
on
9 Mar, 2018
in
Awareness
and
TLS/SSL
and
PCI DSS
and
Encryption
and
Educational Resource
and
Webinar
30 June 2018 is the deadline for disabling Secure Sockets Layer/early Transport Layer Security (SSL/...
READ MORE
Request for Comments: PCI Software Security Standard Framework
Posted by
PCI Security Standards Council
on
6 Mar, 2018
in
Software
and
Apps
and
PA-DSS
and
Participation
and
Request for Comments
and
Software Security Framework
From 6 March to 6 April, PCI SSC stakeholders have the opportunity to review and provide feedback ...
READ MORE
PCI Software-based PIN Entry on COTS: Understanding New Test Requirements
Posted by
Laura K. Gray
on
26 Feb, 2018
in
Software
and
Apps
and
Interview
and
PTS POI
and
Mobile
and
SPoC
Test Requirements are now available for the recently announced PCI Security Standard for software-ba...
READ MORE
Resource Guide: Migrating from SSL and Early TLS
Posted by
Laura K. Gray
on
14 Feb, 2018
in
Awareness
and
TLS/SSL
and
PCI DSS
and
Encryption
and
Educational Resource
and
Resource Guide
Is your organization still using Secure Sockets Layer (SSL)/early Transport Layer Security (TLS) pro...
READ MORE
PCI Council Supports Data Privacy Day with Free Training
Posted by
Lindsay Goodspeed
on
25 Jan, 2018
in
Training
and
Patching
and
Passwords
and
Awareness
and
QIR
and
Data Privacy Day
and
Remote Access
In support of Data Privacy Day, we’re offering FREE PCI Awareness training to the first 1,000 people...
READ MORE
New PCI Software-Based PIN Entry on COTS Standard
Posted by
Laura K. Gray
on
24 Jan, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
SPoC
The PCI SSC has announced a new PCI Security Standard for software-based PIN entry on commercial off...
READ MORE
Now Accepting Applications for New Associate QSA Program
Posted by
Laura K. Gray
on
18 Jan, 2018
in
QSA
As cybercriminals continue to target payments, cybersecurity skills are critically important to help...
READ MORE
PCI Training for Merchants: Which Course is Right for You?
Posted by
Laura K. Gray
on
3 Jan, 2018
in
Training
and
Awareness
and
Certification
and
PCI Professional
People are a critical part of keeping payment data safe and secure.
READ MORE
Changes Coming to the QIR Program
Posted by
Lindsay Goodspeed
on
21 Dec, 2017
in
Patching
and
Passwords
and
Interview
and
QIR
and
Remote Access
The PCI Security Standards Council (PCI SSC) is planning to restructure the Qualified Integrator and...
READ MORE
Coming Soon: New PCI Software PIN-Entry on COTS Standard
Posted by
Laura K. Gray
on
19 Dec, 2017
in
Software
and
Apps
and
Interview
and
Mobile
and
SPoC
The PCI Security Standards Council (PCI SSC) has been working with industry stakeholders to develop ...
READ MORE
Request for Comments: PTS POI Standard
Posted by
PCI Security Standards Council
on
18 Dec, 2017
in
PTS POI
and
Participation
and
Request for Comments
From 18 December 2017 to 17 January 2018, PCI SSC stakeholders have the opportunity to review and ...
READ MORE
PCI DSS Dates to Remember
Posted by
Laura K. Gray
on
15 Dec, 2017
in
TLS/SSL
and
PCI DSS
With 2018 come important PCI Data Security Standard (PCI DSS) dates to remember. New requirements ...
READ MORE
What’s Next for the PCI Software Security Framework?
Posted by
Laura K. Gray
on
11 Dec, 2017
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
In an earlier post, Securing Modern Payment Software with a New Software Security Framework, PCI S...
READ MORE
PCI DSS and the Travel Industry
Posted by
Laura K. Gray
on
6 Dec, 2017
in
Holidays
and
Hackers
and
Interview
and
PCI DSS
and
Small Merchant Resources
The International Air Transport Association (IATA) is now requiring that its accredited travel age...
READ MORE
Preparing for Launch: Associate QSA Program
Posted by
Laura K. Gray
on
4 Dec, 2017
in
Interview
and
PCI SSC
and
QSA
In March 2017 the PCI SSC announced plans to develop an Associate QSA program, as part of a broade...
READ MORE
Guidance: Multi-Factor Authentication
Posted by
Laura K. Gray
on
1 Dec, 2017
in
Guidance
and
Passwords
and
Multi-Factor Authentication
and
Educational Resource
and
Remote Access
Attackers continue to compromise valid user credentials to access company networks and steal payme...
READ MORE
PCI SSC Associate Regional Director for Brazil on New Regional Engagement Board
Posted by
Laura K. Gray
on
21 Nov, 2017
in
Participation
The PCI Security Standards Council (PCI SSC) justannounced it will establish a Brazil Regional Engag...
READ MORE
PCI 3DS SDK Standard Now Available
Posted by
Laura K. Gray
on
20 Nov, 2017
in
Software
and
Mobile
and
3DS
Following publication of the PCI 3DS Core Security Standard in October, the PCI SSC has published a ...
READ MORE
PCI SSC Cryptography Expert on Triple DEA
Posted by
Ralph Spencer Poore
on
9 Nov, 2017
in
TLS/SSL
and
Encryption
and
Approved Scanning Vendors
This article is intended to provide awareness and guidance on the use of Triple DEA (also known as...
READ MORE
Serve on the first PCI SSC Brazil Regional Engagement Board: Nominate Now
Posted by
Laura K. Gray
on
3 Nov, 2017
in
Participation
The first ever Regional Engagement Board is launching in Brazil in January 2018.
READ MORE
FAQ: Can card verification codes/values be stored for card-on-file or recurring transactions?
Posted by
Laura K. Gray
on
2 Nov, 2017
in
PCI DSS
and
FAQ
Did you know that the Frequently Asked Questions (FAQ) resource on the PCI SSC website is updated re...
READ MORE
Strong Passwords: Payment Data Security Essential for SMBs
Posted by
Laura K. Gray
on
1 Nov, 2017
in
Small Business
and
Passwords
and
QIR
and
Small Merchant Resources
and
Cyber Security Awareness Month
Passwords are essential for computer and payment data security.
READ MORE
Payment Security in Brazil: New PCI SSC Regional Engagement Board
Posted by
Laura K. Gray
on
1 Nov, 2017
in
Interview
and
Participation
The PCI Security Standards Council (PCI SSC) just announced the opening of the nomination period for...
READ MORE
PCI and the Next Generation of Payment Security
Posted by
Laura K. Gray
on
26 Oct, 2017
in
Software
and
Community Meetings
and
PCI DSS
and
QIR
and
Multi-Factor Authentication
and
Third Party Risk
and
3DS
PCI SSC Chief Technology Officer Troy Leach talked with PCI Europe Community Meeting attendees in Ba...
READ MORE
Payment Security Insights from EUCM Speaker Michael Christodoulides
Posted by
Lindsay Goodspeed
on
25 Oct, 2017
in
Community Meetings
and
Interview
and
Small Merchant Resources
and
BAU
and
Third Party Risk
and
Remote Access
In this post, we get insights from Michael Christodoulides CISM, CISA, CRISC, Vice President, Secu...
READ MORE
Payment Security Insights with EUCM Speaker Gary Glover
Posted by
Lindsay Goodspeed
on
25 Oct, 2017
in
Community Meetings
and
Interview
and
PCI DSS
and
QIR
and
QSA
and
Remote Access
In this post, we get insights from Gary Glover, CISSP, QSA, PA-QSA, CISA, Vice President of Assess...
READ MORE
What to Know About the New PCI 3DS Core Security Standard
Posted by
Laura K. Gray
on
25 Oct, 2017
in
Software
and
eCommerce
and
Apps
and
Community Meetings
and
Interview
and
Mobile
and
3DS
At this week’s PCI Europe Community Meeting in Barcelona, the PCI Security Standards Council (PCI...
READ MORE
Payment Security Insights with EUCM Speaker Speaker Tracey Long
Posted by
Lindsay Goodspeed
on
25 Oct, 2017
in
Point to Point Encryption (P2PE)
and
Community Meetings
and
Interview
In this post, we get insights from Tracey Long, Senior Payment Security PCI DSS Compliance Manager...
READ MORE
Payment Security Insights with EUCM Speaker Jacob Ansari
Posted by
Lindsay Goodspeed
on
25 Oct, 2017
in
Patching
and
Passwords
and
Malware
and
Skimming
and
Phishing
and
Community Meetings
and
Interview
and
Remote Access
In this post, we get insights from Jacob Ansari, QSA (P2PE), PA-QSA (P2PE), CISSP, Director at Sch...
READ MORE
Payment Security Areas to Watch
Posted by
Laura K. Gray
on
24 Oct, 2017
in
Software
and
Community Meetings
and
Encryption
and
IoT
and
Ransomware
PCI SSC Chief Technology Officer Troy Leach talked with PCI Europe Community Meeting attendees in Ba...
READ MORE
Payment Security Insights with EUCM Speaker Chris Novak
Posted by
Lindsay Goodspeed
on
24 Oct, 2017
in
Community Meetings
and
Interview
and
BAU
In this post, we get insights from Christopher Novak, Director, Investigative Response Verizon RIS...
READ MORE
Request for Comments: PCI Software-Based PIN Entry on COTS Standard
Posted by
PCI Security Standards Council
on
23 Oct, 2017
in
Software
and
Participation
and
Mobile
and
Request for Comments
and
SPoC
From 23 October to 20 November, PCI SSC stakeholders have the opportunity to review and provide feed...
READ MORE
What to Know About the PCI Software-Based PIN Entry on COTS Standard
Posted by
Laura K. Gray
on
20 Oct, 2017
in
Software
and
Apps
and
Community Meetings
and
Interview
and
Mobile
and
SPoC
The PCI Security Standards Council has been working with industry stakeholders to develop a security...
READ MORE
Securing Modern Payment Software with a New Software Security Framework
Posted by
Lindsay Goodspeed
on
18 Oct, 2017
in
Software
and
Community Meetings
and
Interview
and
PA-DSS
and
Cloud Security
and
Software Security Framework
Secure design and development of modern payment software is a key priority for the PCI SSC.
READ MORE
Patching: Payment Data Security Essential for SMBs
Posted by
Laura K. Gray
on
18 Oct, 2017
in
Small Business
and
Patching
and
QIR
and
Small Merchant Resources
and
Cyber Security Awareness Month
When businesses don’t apply software patches from vendors, they open themselves up to attacks, which...
READ MORE
Vote Now for 2018 Special Interest Group Projects
Posted by
Laura K. Gray
on
17 Oct, 2017
in
SIGs
and
Participation
From now through 31 October PCI SSC Participating Organizations are invited to vote on proposals for...
READ MORE
Insecure Remote Access: Top Risk for SMBs
Posted by
Laura K. Gray
on
10 Oct, 2017
in
Small Business
and
Infographic
and
QIR
and
Small Merchant Resources
and
Cyber Security Awareness Month
and
Third Party Risk
and
Remote Access
Recent attack trends show that hackers are beginning to move their focus to smaller merchants that h...
READ MORE
Infographic: 3 Payment Data Security Essentials SMBs Shouldn’t Ignore
Posted by
Laura K. Gray
on
3 Oct, 2017
in
Small Business
and
Infographic
and
Patching
and
Passwords
and
Small Merchant Resources
and
Educational Resource
and
Remote Access
Attacks on POS systems at brick-and-mortar businesses are on the rise, leading to costly payment d...
READ MORE
Request for Comments: PCI Card Production and Provisioning ROCs
Posted by
PCI Security Standards Council
on
27 Sep, 2017
in
Participation
and
Request for Comments
From 20 September to 20 October, PCI SSC stakeholders have the opportunity to review and provide fee...
READ MORE
PCI in Japan: Training for Merchants and Assessors Supports PCI DSS Adoption
Posted by
Laura K. Gray
on
19 Sep, 2017
in
Training
and
PCI DSS
and
QSA
and
APAC
The PCI Security Standards Council continues to work with stakeholders in Japan to help support PCI ...
READ MORE
Locking Up Remote Access
Posted by
PCI Security Standards Council
on
15 Sep, 2017
in
Software
and
Small Business
and
Point of Sale (POS)
and
QIR
and
Multi-Factor Authentication
and
Third Party Risk
and
Remote Access
An analysis of account data compromises found that insecure remote access is the #1 point of entry f...
READ MORE
Feedback Period: PCI DSS and PA-DSS
Posted by
PCI Security Standards Council
on
8 Sep, 2017
in
PCI DSS
and
PA-DSS
and
Participation
and
Request for Comments
From 6 September to 15 November, PCI SSC stakeholders have the opportunity to provide feedback on th...
READ MORE
Council CTO on Verizon’s Payment Security Report
Posted by
Lindsay Goodspeed
on
31 Aug, 2017
in
Small Business
and
Community Meetings
and
Interview
and
QIR
and
Compliance
and
Small Merchant Resources
and
BAU
Verizon recently released its 2017 Payment Security Report. In advance of the upcoming North America...
READ MORE
Keeping up to Date with PCI DSS Dates
Posted by
Gill Woodcock
on
25 Aug, 2017
in
TLS/SSL
and
PCI DSS
and
Scoping
and
Segmentation
and
Multi-Factor Authentication
In our previous post, we highlighted recommendations for preparing for the 30 June 2018 PCI Data Sec...
READ MORE
What’s Next for the QSA Program?
Posted by
Laura K. Gray
on
23 Aug, 2017
in
Interview
and
QSA
and
3DS
In March 2017 the PCI SSC announced plans to evolve the PCI Qualified Security Assessors (QSA) Pro...
READ MORE
Request for Comments: PCI PIN Standard
Posted by
PCI Security Standards Council
on
21 Aug, 2017
in
Point of Sale (POS)
and
ATM Security
and
PTS POI
and
QSA
and
Participation
and
Request for Comments
From 18 August to 18 September, PCI SSC stakeholders have the opportunity to review and provide feed...
READ MORE
Associate QSA Program: Coming Soon
Posted by
Laura K. Gray
on
14 Aug, 2017
in
Interview
and
PCI SSC
and
QSA
In March 2017 the PCI SSC announced plans to develop an Associate QSA certification program, as pa...
READ MORE
FAQ: Is Two-Step Authentication Acceptable for PCI DSS Requirement 8.3?
Posted by
Laura K. Gray
on
11 Aug, 2017
in
Passwords
and
PCI DSS
and
Multi-Factor Authentication
and
FAQ
and
Remote Access
Did you know that the Frequently Asked Questions (FAQ) resource on the PCI SSC website is updated ...
READ MORE
PCI Special Interest Groups: Industry Collaboration at its Best
Posted by
Laura K. Gray
on
10 Aug, 2017
in
Interview
and
SIGs
and
Participation
Special Interest Groups (SIGs) are community-driven initiatives that focus on payment security cha...
READ MORE
Navigating your Path to Payment Security with the Prioritized Approach to PCI DSS
Posted by
Lauren Holloway
on
8 Aug, 2017
in
PCI DSS
and
Prioritized Approach
Director of Data Security Standards Lauren Holloway discusses a roadmap organizations can use to m...
READ MORE
What’s Next for PCI DSS?
Posted by
Laura K. Gray
on
3 Aug, 2017
in
Interview
and
PCI DSS
PCI Data Security Standard (PCI DSS) version 3.2 was published in April 2016. In this blog post we...
READ MORE
Reducing Risk: SSL/Early TLS Mitigation and Migration
Posted by
Laura K. Gray
on
28 Jul, 2017
in
eCommerce
and
Patching
and
Awareness
and
TLS/SSL
and
PCI DSS
and
Encryption
Is your organization still using the SSL/early TLS protocols? Do you work with online and e-commer...
READ MORE
The State of Payment Security in Brazil
Posted by
Lindsay Goodspeed
on
25 Jul, 2017
in
Malware
and
Events
and
Community Meetings
and
Interview
and
ATM Security
Leading up to the Latin America Forum in São Paulo, Brazil, Associate Regional Director Carlos Cae...
READ MORE
FAQ: How does Encrypted Cardholder Data Impact PCI DSS Scope?
Posted by
Laura K. Gray
on
21 Jul, 2017
in
Point to Point Encryption (P2PE)
and
PCI DSS
and
Scoping
and
Encryption
and
FAQ
Did you know that the Frequently Asked Questions (FAQ) resource on the PCI SSC website is updated ...
READ MORE
Demystifying the NESA
Posted by
Laura K. Gray
on
13 Jul, 2017
in
Point to Point Encryption (P2PE)
and
Interview
and
Encryption
and
NESA
Point-to-Point Encryption (P2PE) technology makes data unreadable so it has no value to criminals ...
READ MORE
Mobile Payment Acceptance: A Look at PCI’s New Software-Based PIN-Entry Initiative
Posted by
Laura K. Gray
on
10 Jul, 2017
in
Software
and
Interview
and
PTS POI
and
Mobile
and
SPoC
The PCI Security Standards Council has been discussing with stakeholders plans for a new security ...
READ MORE
Are You Ready for 30 June 2018? Saying Goodbye to SSL/early TLS
Posted by
Laura K. Gray
on
30 Jun, 2017
in
eCommerce
and
Patching
and
Awareness
and
TLS/SSL
and
PCI DSS
and
Encryption
Is your organization still using the SSL/early TLS protocols? Do you work with online and e-commer...
READ MORE
Industry Participation Critical to Payment Security
Posted by
Mauro Lance
on
20 Jun, 2017
in
Awareness
and
Board of Advisors
and
Participation
At the PCI Security Standards Council (PCI SSC) one of our core values is participation.
READ MORE
Resource Guide: Defending Against Phishing Attacks
Posted by
Lindsay Goodspeed
on
20 Jun, 2017
in
Software
and
Small Business
and
eCommerce
and
Phishing
and
Small Merchant Resources
and
Educational Resource
and
Resource Guide
Hackers use phishing and other social engineering methods to target organizations with legitimate-...
READ MORE
Council Adds Training to Bolster Secure Payment Application Installation
Posted by
Lindsay Goodspeed
on
1 Jun, 2017
in
Training
and
Interview
and
QIR
and
Remote Access
In 2012 it was reported that 76% of data breaches were a result of security vulnerabilities introd...
READ MORE
Consumers in Japan Push Businesses on Payment Security
Posted by
Jeremy King
on
31 May, 2017
in
Breaches
and
APAC
For a nation at the forefront of technological innovation and adoption, consumers concerns about p...
READ MORE
Infographic: It’s Time to Change your Password
Posted by
Lindsay Goodspeed
on
24 May, 2017
in
Infographic
and
Passwords
and
Educational Resource
Passwords are critical for computer and payment data security. Just like a lock on the door protec...
READ MORE
5 Questions with Swati Sharma
Posted by
Lindsay Goodspeed
on
12 May, 2017
in
Community Meetings
and
TLS/SSL
and
Interview
and
QSA
Leading up to the Asia-Pacific Community Meeting in Bangkok, Thailand, speaker Swati Sharma, QSA, ...
READ MORE
5 Questions with Chalee Vorakulpipat
Posted by
Lindsay Goodspeed
on
8 May, 2017
in
Community Meetings
and
Awareness
and
Interview
Leading up to the Asia-Pacific Community Meeting in Bangkok, Thailand, keynote speaker Chalee Vora...
READ MORE
Cybercrime challenges Asia-Pacific’s business landscape
Posted by
Jeremy King
on
2 May, 2017
in
Breaches
and
Hackers
and
PCI SSC
Asia-Pacific is one of the leading regional hotspots for cybercrime. It’s been estimated that busi...
READ MORE
Making the E-commerce Channel Safer
Posted by
Lindsay Goodspeed
on
26 Apr, 2017
in
eCommerce
and
Interview
and
SIGs
The Council published Best Practices for Securing E-commerce which educates merchants on accepting...
READ MORE
Hacking is an Industry – The Cybersecurity Skills Pipeline is not Strong Enough to Keep it at Bay
Posted by
Mauro Lance
on
25 Apr, 2017
in
Training
and
Hackers
and
QSA
Hackers are proactive, relentless and constantly testing ways to exploit payment data for financia...
READ MORE
Your Smart Home – A Hacker’s Playground?
Posted by
Jeremy King
on
18 Apr, 2017
in
Breaches
and
PCI SSC
and
IoT
The truly smart home is closer than we think. A world where the toaster talks to the kettle, and t...
READ MORE
Insights from a PCI Forensic Investigator
Posted by
Laura K. Gray
on
12 Apr, 2017
in
PCI Forensic Investigator (PFI)
and
Breaches
and
Interview
and
PCI SSC
At the PCI Acquirer Forum in Las Vegas on 9 May, PCI Forensic Investigator (PFI) Tom Arnold, Payme...
READ MORE
Making Payments Safer with PCI P2PE Solutions
Posted by
Lindsay Goodspeed
on
11 Apr, 2017
in
Point to Point Encryption (P2PE)
and
Interview
Point-to-point encryption (P2PE) protects cardholder data from cybercriminals by encrypting data f...
READ MORE
Infographic: Protecting your Payment Data from Malware
Posted by
Lindsay Goodspeed
on
10 Apr, 2017
in
Small Business
and
Infographic
and
Malware
and
Small Merchant Resources
and
Educational Resource
Hackers use malicious code called malware (also called viruses) to break into computer systems and...
READ MORE
Insights from the Verizon Data Breach Investigations Report
Posted by
Lindsay Goodspeed
on
29 Mar, 2017
in
Interview
and
MEAF
and
Third Party Risk
and
Remote Access
In this post, we get insights from Chris Novak, Global Director of Verizon Enterprise Solutions. H...
READ MORE
Minding the Cybersecurity Gap: New Associate QSA Program
Posted by
Laura K. Gray
on
29 Mar, 2017
in
Interview
and
PCI SSC
and
QSA
At the PCI Middle East and Africa Forum in Cape Town, the PCI SSC announced plans to evolve the PC...
READ MORE
Foregenix CEO on State of Payments in the African Region
Posted by
Lindsay Goodspeed
on
23 Mar, 2017
in
Point to Point Encryption (P2PE)
and
Interview
and
MEAF
In this post, we get insights from Andrew Henwood CEO, Foregenix. He will present Local is Lekker:...
READ MORE
Making a Global Impact: Shaping Payment Security in 2017
Posted by
Laura K. Gray
on
15 Mar, 2017
in
Interview
and
Board of Advisors
The PCI Security Standards Council (PCI SSC) recently announced the election period for the next P...
READ MORE
How the SHA-1 Collision Impacts Security of Payments
Posted by
Lindsay Goodspeed
on
14 Mar, 2017
in
Guidance
and
Encryption
and
PTS POI
Recently, Google and CWI Institute in Amsterdam announced that they successfully created a “hash col...
READ MORE
Resource Guide: Preventing Skimming Attacks
Posted by
Lindsay Goodspeed
on
6 Mar, 2017
in
Small Business
and
Skimming
and
Point of Sale (POS)
and
Small Merchant Resources
and
ATM Security
and
Educational Resource
and
Resource Guide
“Skimming devices” sweep up your customers’ payment card data off the magnetic stripe when swiped ...
READ MORE
Making a Global Impact: Cartes Bancaires
Posted by
Laura K. Gray
on
20 Feb, 2017
in
Interview
and
Board of Advisors
The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next...
READ MORE
Special Interest Group Q&A on E-Commerce Best Practices
Posted by
Lindsay Goodspeed
on
15 Feb, 2017
in
eCommerce
and
SIGs
The Council just published Best Practices for Securing E-commerce which educates merchants on accept...
READ MORE
Making a Global Impact: Wells Fargo
Posted by
Laura K. Gray
on
13 Feb, 2017
in
Interview
and
Board of Advisors
The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next...
READ MORE
Understanding New PCI Guidance on MFA
Posted by
Laura K. Gray
on
9 Feb, 2017
in
Guidance
and
Passwords
and
Interview
and
PCI DSS
and
Multi-Factor Authentication
and
PCI SSC
Attackers continue to compromise valid credentials to access company networks and steal data. To h...
READ MORE
Making a Global Impact: Ingenico
Posted by
Laura K. Gray
on
7 Feb, 2017
in
Interview
and
Board of Advisors
The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next...
READ MORE
Resource Guide: Defending Against Ransomware
Posted by
Lindsay Goodspeed
on
6 Feb, 2017
in
Software
and
Small Business
and
eCommerce
and
Malware
and
Small Merchant Resources
and
Educational Resource
and
Ransomware
and
Resource Guide
Ransomware is the fastest growing malware threat. In a ransomware attack, criminals will infiltrat...
READ MORE
Making a Global Impact: Barclaycard
Posted by
Laura K. Gray
on
1 Feb, 2017
in
Interview
and
Board of Advisors
The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next...
READ MORE
Council CTO on E-commerce Best Practices
Posted by
Lindsay Goodspeed
on
31 Jan, 2017
in
eCommerce
and
TLS/SSL
and
SIGs
The Council just published Best Practices for Securing E-commerce which educates merchants on acce...
READ MORE
What do new PCI DSS SAQ changes mean?
Posted by
Laura K. Gray
on
30 Jan, 2017
in
PCI DSS
Self-Assessment Questionnaires (SAQ) are forms used by eligible organizations to report the result...
READ MORE
Google Warns Users of Insecure Sites: What You Need to Know
Posted by
Lindsay Goodspeed
on
25 Jan, 2017
in
Small Business
and
eCommerce
and
TLS/SSL
and
SIGs
By the end of January, Google will update its Chrome browser to warn users when a website that acc...
READ MORE
Making a Global Impact: Worldpay
Posted by
Laura K. Gray
on
25 Jan, 2017
in
Interview
and
Board of Advisors
The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next...
READ MORE
3 Things To Know About Ransomware, Fast
Posted by
Laura K. Gray
on
24 Jan, 2017
in
Patching
and
Malware
and
Hackers
and
Phishing
and
Data Privacy Day
and
Ransomware
In the spirit of Data Privacy Day and raising awareness around safeguarding data against cybercrim...
READ MORE
Resource Guide: Tips to Protect Online Businesses from Cyberattack
Posted by
Lindsay Goodspeed
on
3 Jan, 2017
in
Small Business
and
eCommerce
and
Patching
and
Passwords
and
Malware
and
Small Merchant Resources
and
Educational Resource
and
Resource Guide
Small and medium businesses are a growing target for cybercriminals. Using the internet, data thie...
READ MORE
SMB Security Tips: Protect Your Business from the Internet
Posted by
Laura K. Gray
on
21 Dec, 2016
in
Small Business
and
Breaches
and
Hackers
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
SMB Security Tips: Devalue Your Payment Card Data
Posted by
Laura K. Gray
on
21 Dec, 2016
in
Small Business
and
Breaches
and
Hackers
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
SMB Security Tips: Check for Software “Bugs”
Posted by
Laura K. Gray
on
20 Dec, 2016
in
Small Business
and
Breaches
and
Hackers
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
SMB Security Tips: Fight Off Malware
Posted by
Laura K. Gray
on
19 Dec, 2016
in
Small Business
and
Breaches
and
Malware
and
Hackers
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
Assessor Viewpoint: Q&A on Scoping and Segmentation Guidance
Posted by
Lindsay Goodspeed
on
15 Dec, 2016
in
Guidance
and
Interview
and
PCI DSS
and
Scoping
and
Segmentation
The Council just published new Guidance for PCI DSS Scoping and Network Segmentation to help clarify...
READ MORE
SMB Security Tips: Don’t Leave the Door Open for Hackers
Posted by
Laura K. Gray
on
9 Dec, 2016
in
Small Business
and
Breaches
and
Hackers
and
Small Merchant Resources
and
SMB Series
and
Remote Access
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
Council CTO Discusses Scoping and Segmentation Guidance
Posted by
Lindsay Goodspeed
on
9 Dec, 2016
in
Interview
and
PCI DSS
and
Scoping
The Council just published new Guidance for PCI DSS Scoping and Network Segmentation to help clarify...
READ MORE
Worldpay: Fighting Back Against Fraud with PCI P2PE
Posted by
Laura K. Gray
on
30 Nov, 2016
in
Small Business
and
Point to Point Encryption (P2PE)
and
Interview
and
Small Merchant Resources
Point-to-Point Encryption (P2PE) technology makes data unreadable so it has no value to criminals ev...
READ MORE
SMB Security: 3 Steps To Protect Online Businesses Against Cybercrime
Posted by
Elizabeth Terry
on
29 Nov, 2016
in
Software
and
Small Business
and
Holidays
and
eCommerce
and
Breaches
and
Patching
and
Passwords
and
Hackers
and
Phishing
and
Small Merchant Resources
and
SMB Series
With the holidays around the corner and with 57% of consumers shopping online (National Retail Fed...
READ MORE
SMB Security Tips: Keep Hackers Out!
Posted by
Laura K. Gray
on
22 Nov, 2016
in
Small Business
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
P2PE: Assessing Non-listed Encryption Solutions
Posted by
Laura K. Gray
on
22 Nov, 2016
in
Point to Point Encryption (P2PE)
Point-to-Point Encryption (P2PE) technology makes data unreadable so it has no value to criminals ...
READ MORE
5 Questions with Community Meeting Speaker David Phister
Posted by
Lindsay Goodspeed
on
16 Nov, 2016
in
Community Meetings
and
Interview
and
ATM Security
In this post, we get insights from David Phister, Diebold Nixdorf Product Management – Platform Se...
READ MORE
SMB Security Tips: Vendor Security
Posted by
Laura K. Gray
on
10 Nov, 2016
in
Small Business
and
Small Merchant Resources
and
SMB Series
and
Remote Access
Small and medium businesses around the world are increasingly at risk for payment data theft. Nearly...
READ MORE
SMB Security Tips: There’s a Patch for That!
Posted by
Laura K. Gray
on
28 Oct, 2016
in
Small Business
and
Patching
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Nearly...
READ MORE
Cyber Security Awareness Month: Building a Culture of Security
Posted by
Lindsay Goodspeed
on
28 Oct, 2016
in
Small Business
and
Interview
and
PCI DSS
and
Cyber Security Awareness Month
and
BAU
As an Official Champion of National Cyber Security Awareness Month (NCSAM), the PCI Council will b...
READ MORE
How Awareness Training Can Reduce Data Breach Costs
Posted by
Lindsay Goodspeed
on
27 Oct, 2016
in
Training
and
Phishing
and
Awareness
and
Interview
and
Cyber Security Awareness Month
To mark Global Payment Security Education Week: 24-28 October 2016, the PCI Council is offering fr...
READ MORE
5 Questions with Community Meeting Speaker Brian Hussey
Posted by
Lindsay Goodspeed
on
19 Oct, 2016
in
Community Meetings
and
Interview
In this post, we get insights from Brian Hussey, Global Director of Incident Response & Readiness ...
READ MORE
SMB Security Tips: Inspect and Protect
Posted by
Laura K. Gray
on
18 Oct, 2016
in
Small Business
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
5 Questions with Community Meeting Speaker Christopher Novak
Posted by
Lindsay Goodspeed
on
18 Oct, 2016
in
Small Business
and
Community Meetings
and
Interview
In this post, we get insights from Christopher Novak, Director, Investigative Response, Verizon RI...
READ MORE
5 Questions with Community Meeting Speaker Chris Strand
Posted by
Lindsay Goodspeed
on
17 Oct, 2016
in
Community Meetings
and
Interview
In this post, we get insights from Chris Strand, Security and Risk Compliance Officer at Carbon Bl...
READ MORE
How Company Culture Can Defend Against Cyber Attacks
Posted by
Lindsay Goodspeed
on
13 Oct, 2016
in
Small Business
and
Point to Point Encryption (P2PE)
and
Passwords
and
PCI DSS
and
Cyber Security Awareness Month
As an Official Champion of National Cyber Security Awareness Month (NCSAM), the Council will be sh...
READ MORE
Securing Account Data with Point-to-Point Encryption
Posted by
Laura K. Gray
on
12 Oct, 2016
in
Point to Point Encryption (P2PE)
and
Interview
Point-to-Point Encryption (P2PE) is a critical technology for devaluing payment card data and prev...
READ MORE
SMB Security Tips: If You Don’t Need It, Don’t Store It
Posted by
Laura K. Gray
on
10 Oct, 2016
in
Small Business
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
SMB Security Tips: The Power of the Password
Posted by
Laura K. Gray
on
7 Oct, 2016
in
Small Business
and
Passwords
and
Small Merchant Resources
and
SMB Series
Small and medium businesses around the world are increasingly at risk for payment data theft. Near...
READ MORE
Cyber Security Awareness Month: Phishing
Posted by
Lindsay Goodspeed
on
6 Oct, 2016
in
Phishing
and
Community Meetings
and
Cyber Security Awareness Month
As an Official Champion of National Cyber Security Awareness Month (NCSAM), the Council will be sh...
READ MORE
5 Questions with Community Meeting Speaker Beth O’Brien
Posted by
Laura K. Gray
on
19 Sep, 2016
in
Passwords
and
Community Meetings
and
Interview
In this post, we get insights from Beth O’Brien, Principal Product Marketing Manager, RSA, The Sec...
READ MORE
5 Questions with Community Meeting Speaker Peggy Nolan
Posted by
Laura K. Gray
on
16 Sep, 2016
in
Community Meetings
and
Interview
and
SIGs
In this post, we get insights from Peggy Nolan Principal IT Compliance Analyst at Liberty Mutual G...
READ MORE
5 Questions with Community Meeting Speaker Tim Rohrbaugh
Posted by
Laura K. Gray
on
14 Sep, 2016
in
Community Meetings
and
Interview
In this post, we get insights from Tim Rohrbaugh, VP North America, ControlCase, along with Kishor...
READ MORE
The North America Community Meeting Mobile App is Here!
Posted by
Laura K. Gray
on
14 Sep, 2016
in
Community Meetings
The North America Community Meeting mobile app is a free and easy-to-use resource. Access the latest...
READ MORE
5 Questions with Community Meeting Speaker Joseph Pierini
Posted by
Laura K. Gray
on
13 Sep, 2016
in
Community Meetings
and
Interview
and
Penetration Testing
and
SIGs
In this post, we get insights from Joseph Pierini, Director of Technical Services at Payment Softw...
READ MORE
5 Questions with Community Meeting Speaker Jacob Ansari
Posted by
Laura K. Gray
on
12 Sep, 2016
in
Community Meetings
and
Interview
and
Compliance
In this post, we get insights from Jacob Ansari, Manager at Schellman & Company, Inc. He will pres...
READ MORE
Amazon Web Services: Cloud Security and PCI DSS 3.2 Compliance
Posted by
Laura K. Gray
on
9 Sep, 2016
in
Community Meetings
and
Interview
and
PCI DSS
and
Cloud Security
Cloud service provider Amazon Web Services (AWS) recently announced its successful adoption of the l...
READ MORE
5 Questions with Greg Johnson
Posted by
Laura K. Gray
on
1 Sep, 2016
in
Passwords
and
Community Meetings
and
Interview
In this post, we get insights from Greg Johnson, Vice President of business development at A-Lign. H...
READ MORE
National Restaurant Association: The Bottom Line: Your Business is at Risk
Posted by
Laura K. Gray
on
26 Jul, 2016
in
Small Business
and
Interview
and
PCI DSS
In this blog post we talk with the National Restaurant Association’s David Matthews, co-chair of the...
READ MORE
Barclaycard: Simplifying payment security
Posted by
Laura K. Gray
on
19 Jul, 2016
in
Small Business
and
Interview
and
PCI DSS
The PCI Security Standards Council (PCI SSC) Small Merchant Taskforce recently published a set of pa...
READ MORE
Focusing on the Fundamentals: Payment Protection Resources for Small Businesses
Posted by
Laura K. Gray
on
7 Jul, 2016
in
Small Business
and
Interview
and
PCI DSS
The Council has just published a set of payment data protection basics for small businesses.
READ MORE
Assessor Viewpoint: Adopting PCI DSS 3.2, multi-factor authentication and more
Posted by
Laura K. Gray
on
1 Jun, 2016
in
Passwords
and
TLS/SSL
and
Interview
and
PCI DSS
and
Multi-Factor Authentication
Following publication of PCI Data Security Standard version 3.2 (PCI DSS) we sat down with
READ MORE
PA-DSS 3.2: What’s New?
Posted by
Laura K. Gray
on
27 May, 2016
in
Interview
and
PCI DSS
and
PA-DSS
and
QIR
and
Remote Access
The Council has just released version 3.2 of the Payment Application Data Security Standard (PA-DSS)...
READ MORE
PCI DSS 3.2: What’s New with SAQs
Posted by
Laura K. Gray
on
3 May, 2016
in
TLS/SSL
and
Interview
and
PCI DSS
In our previous PCI DSS 3.2: What’s New? post, we outlined the key changes in the latest version of ...
READ MORE
PCI DSS 3.2: What’s New?
Posted by
Laura K. Gray
on
28 Apr, 2016
in
TLS/SSL
and
Interview
and
PCI DSS
With the ink barely dry on the newest version of the industry standard for payment data protection, ...
READ MORE
Preparing for PCI DSS 3.2: Summary of Changes
Posted by
Laura K. Gray
on
19 Apr, 2016
in
TLS/SSL
and
Interview
and
PCI DSS
In our earlier blog post Planning for PCI DSS 3.2: Key Dates, we outlined important dates and milest...
READ MORE
SSL/Early TLS: Navigating Payment Application Validations
Posted by
Brandy Cumberland
on
11 Apr, 2016
in
TLS/SSL
and
Interview
The removal of Secure Sockets Layer (SSL)/ early Transport Layer Security (TLS) as examples of sec...
READ MORE
Why Become a PCI Professional? Here are 3 Good Reasons
Posted by
Gill Woodcock
on
8 Apr, 2016
in
Guidance
and
Training
and
Awareness
and
PCI DSS
and
PCI Professional
If you are looking at the PCI Professional (PCIP) program you may be asking “What’s in it for me?” o...
READ MORE
Planning for PCI DSS 3.2: Key Dates
Posted by
Laura K. Gray
on
31 Mar, 2016
in
TLS/SSL
and
PCI DSS
In our Preparing for PCI DSS 3.2: What to Expect in 2016 blog post earlier this year, we outlined wh...
READ MORE
ECPA and PCI: Collaborating on Global Payment Data Protection
Posted by
Laura K. Gray
on
22 Mar, 2016
in
Interview
In this blog post we talk with International Director Jeremy King on how the European Card Payment A...
READ MORE
Chris Novak: "Nobody is Immune from Breaches"
Posted by
Laura K. Gray
on
17 Mar, 2016
in
Interview
and
Middle East
The PCI Security Standards Council will host the second Middle East Forum on 6-7 April 2016 in Dubai...
READ MORE
SSL/Early TLS: Working with an ASV on Failed Scans
Posted by
Laura K. Gray
on
10 Mar, 2016
in
TLS/SSL
and
Interview
In removing Secure Sockets Layer (SSL)/ early Transport Layer Security (TLS) as examples of secure e...
READ MORE
Devaluing Data with Point-to-Point Encryption: 3 Tips for Merchants
Posted by
Jeremy King
on
4 Mar, 2016
in
Point to Point Encryption (P2PE)
There are many points payment card data can be exposed as it travels through a merchant’s systems ...
READ MORE
A View from the Middle East with Izdehar Safarini
Posted by
Laura K. Gray
on
2 Mar, 2016
in
Interview
and
Middle East
The PCI Security Standards Council will host the second Middle East Forum on 6-7 April 2016 in Dubai...
READ MORE
Preparing for PCI DSS 3.2: What to Expect in 2016
Posted by
Laura K. Gray
on
17 Feb, 2016
in
TLS/SSL
and
Interview
and
PCI DSS
With the December 2015 bulletin extending the deadline for Secure Sockets Layer (SSL)/Early Transpor...
READ MORE
Acquirers: The Acquirer Checklist Resource is Available for Download!
Posted by
Brandy Cumberland
on
5 Feb, 2016
in
Acquirers
One exciting topic from our recent PCI Acquirer Forum conference call was the introduction of the op...
READ MORE
Assessing and Reporting Against PCI DSS v3.1: The Impact of New Migration Dates for SSL and Early TLS
Posted by
Emma Sutcliffe
on
3 Feb, 2016
in
TLS/SSL
On 18 December 2015 the Council extended the PCI Data Security Standard (PCI DSS) deadline for mig...
READ MORE
It's Data Privacy Day! Awareness starts with you.
Posted by
Linda Rudder
on
28 Jan, 2016
in
Training
and
Awareness
International Data Privacy Day is designed to raise awareness and promote best practices for protect...
READ MORE
3 Ways to Protect Against Phishing Attacks in 2016
Posted by
Laura K. Gray
on
25 Jan, 2016
in
Phishing
“Phishing” happens when cybercriminals use specially crafted, seemingly legitimate-looking emails ...
READ MORE
Acquirers: There's a PCI Forum Just for You!
Posted by
Laura K. Gray
on
15 Jan, 2016
in
Acquirers
and
Events
Merchants rely heavily on their acquiring banks to help them with their PCI security efforts. We und...
READ MORE
A Closer Look: The PCI Forensic Investigator (PFI) Program
Posted by
Gill Woodcock
on
8 Jan, 2016
in
PCI Forensic Investigator (PFI)
and
Training
and
Certification
Data breaches have been in the news a great deal lately, and in the event of a breach of cardholder ...
READ MORE
PCI Changes Date for Migrating from SSL and Early TLS
Posted by
Laura K. Gray
on
5 Jan, 2016
in
eCommerce
and
TLS/SSL
As noted in our initial post in December 2015, the Council officially extended the migration complet...
READ MORE
TEST Security: Could You and Your Employees Pass a Security Awareness Test?
Posted by
Laura K. Gray
on
23 Dec, 2015
in
Small Business
and
Holidays
and
Passwords
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
TEST Security: Are You Using Tested Products and Vendors?
Posted by
Laura K. Gray
on
23 Dec, 2015
in
Small Business
and
Point to Point Encryption (P2PE)
and
Holidays
and
Vendors
and
QIR
and
Remote Access
and
Validated Payment Applications
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
TEST Security: Who’s Checking Your POS Device for Skimming?
Posted by
Laura K. Gray
on
23 Dec, 2015
in
Small Business
and
Holidays
and
Skimming
and
Point of Sale (POS)
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
TEST Security: Is Your Anti-Hacking Software Working?
Posted by
Laura K. Gray
on
23 Dec, 2015
in
Software
and
Small Business
and
Holidays
and
Patching
and
Malware
and
Hackers
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
CHECK Controls: Don’t Lose Your Business to a Bad Password!
Posted by
Laura K. Gray
on
22 Dec, 2015
in
Small Business
and
Holidays
and
Passwords
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
Be AWARE: Repelling Attacks by Killer Web Apps
Posted by
Laura K. Gray
on
22 Dec, 2015
in
Small Business
and
Apps
and
Malware
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
CHECK Controls: Using a Firewall to Block Attacks from the Internet
Posted by
Laura K. Gray
on
21 Dec, 2015
in
Small Business
and
Holidays
and
Patching
and
Firewalls
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
Date Change for Migrating from SSL and Early TLS
Posted by
Laura K. Gray
on
18 Dec, 2015
in
eCommerce
and
TLS/SSL
The Payment Card Industry Security Standards Council (PCI SSC) is extending the migration completion...
READ MORE
Be AWARE: Restricting Unauthorized Access
Posted by
Laura K. Gray
on
17 Dec, 2015
in
Small Business
and
Holidays
and
Apps
and
QIR
and
Remote Access
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
CHECK Controls: Plugging Security Holes with Patching
Posted by
Laura K. Gray
on
17 Dec, 2015
in
Small Business
and
Holidays
and
Patching
and
QIR
and
Approved Scanning Vendors
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
CHECK Controls: Protecting Cardholder Data with Encryption
Posted by
Laura K. Gray
on
15 Dec, 2015
in
Small Business
and
Point to Point Encryption (P2PE)
and
Holidays
Our 12 Days of Tips series explores how small retailers can ACT now to repel data thieves during thi...
READ MORE
New PCI SSC Blog: PCI Perspectives
Posted by
Laura K. Gray
on
11 Dec, 2015
in
Welcome
It’s official. We’re launching a blog! What does that mean for you?
READ MORE
Be AWARE: Malware Is One Gift You Don’t Want This Holiday!
Posted by
Laura K. Gray
on
11 Nov, 2015
in
Software
and
Small Business
and
Holidays
and
Patching
and
Malware
Our 12-post series explores how small retailers can ACT now to repel data thieves during this prime ...
READ MORE
Be AWARE: How “Skimmers” Steal Payment Card Data
Posted by
Laura K. Gray
on
9 Nov, 2015
in
Small Business
and
Holidays
and
Skimming
Our 12-post series explores how small retailers can ACT now to repel data thieves during this prime ...
READ MORE
ACT now to get ahead of the holiday hacker season!
Posted by
Laura K. Gray
on
6 Nov, 2015
in
Small Business
and
Holidays
Small Business: You are the prime holiday target for computer hackers! Why should you be concerned?
READ MORE
Assessor Viewpoint: On PCI Point-to-Point Encryption (P2PE) Solutions
Posted by
Dr. Stephan Engelke
on
5 Nov, 2015
in
Point to Point Encryption (P2PE)
Many merchants face issues in becoming PCI Data Security Standard (DSS) compliant and maintaining th...
READ MORE
Thoughts from the PCI Community Meeting
Posted by
Rob Sadowski, RSA
on
5 Oct, 2015
in
Community Meetings
The annual Community Meetings are the best way for anyone who has a stake in payment security to tak...
READ MORE
Collaboration: the Word of the Week
Posted by
Kelly Funk
on
3 Oct, 2015
in
Community Meetings
Who would have thought that a pilot, a journalist, numerous industry experts and myself would all se...
READ MORE
The Endgame: Devaluing the Data Infographic
Posted by
Laura K. Gray
on
30 Sep, 2015
in
Infographic
and
Community Meetings
“Let’s talk about our endgame. It’s about devaluing the data.” That’s how General Manager Stephen Or...
READ MORE
New Guidance: Responding to a Data Breach
Posted by
Laura K. Gray
on
29 Sep, 2015
in
Breaches
and
Guidance
and
Community Meetings
For any organization connected to the internet, it is not a question of if but when their business w...
READ MORE
Mobile App: A Convenient Resource At Your Fingertips
Posted by
Linda Rudder
on
22 Sep, 2015
in
Community Meetings
It’s the Community Meeting Mobile App – and it’s simple to use! With this resource, you can access t...
READ MORE
How Blockchain Technology Offers Improvements to Payment Security
Posted by
Laura K. Gray
on
22 Sep, 2015
in
Community Meetings
In this post, we get insights from Ashok Misra, CISSP, Founder at Alina Consultants. He will present...
READ MORE
Training Opportunities at the Community Meetings
Posted by
Linda Rudder
on
3 Sep, 2015
in
Training
and
Community Meetings
You already know the PCI SSC Community Meetings are a unique opportunity to get the latest technolog...
READ MORE
Myths and Realities of PCI DSS Compliance in the Cloud
Posted by
Laura K. Gray
on
24 Aug, 2015
in
Community Meetings
In this post, we get insights from Eric Naiburg, Director of Marketing at INetU. He will present in ...
READ MORE
City of Calgary: The Big Picture of PCI DSS Compliance
Posted by
Laura K. Gray
on
20 Aug, 2015
in
Community Meetings
In this blog post, we get insights from Lynda Daniluk, PCI Coordinator at the City of Calgary. She w...
READ MORE
Get the latest articles right in your inbox
Subscribe Here
CATEGORIES
3DS
(8)
Acquirers
(2)
APAC
(5)
Approved Scanning Vendors
(2)
Apps
(23)
Assessors
(4)
ATM Security
(6)
Awareness
(21)
BAU
(8)
Board of Advisors
(12)
Brazil
(8)
Breaches
(15)
Card Production
(1)
Card Production Standard
(1)
Case Study
(9)
Certification
(6)
Cloud Security
(4)
Community Meetings
(54)
Compliance
(6)
Contactless
(7)
CPSA Program
(1)
Cyber Security Awareness Month
(7)
Data Privacy Day
(2)
eCommerce
(15)
Educational Resource
(11)
Encryption
(13)
Events
(2)
FAQ
(7)
Firewalls
(3)
Guidance
(16)
Hackers
(13)
Holidays
(14)
India
(2)
Infographic
(12)
Internal Security Assessor (ISA)
(3)
Interview
(114)
IoT
(2)
Key Blocks
(5)
Malware
(10)
MEAF
(3)
Middle East
(2)
Mobile
(19)
Multi-Factor Authentication
(14)
NESA
(1)
PA-DSS
(15)
Participation
(42)
Passwords
(24)
Patching
(22)
PCI DSS
(59)
PCI Forensic Investigator (PFI)
(3)
PCI Professional
(3)
PCI SSC
(20)
PCIP
(1)
Penetration Testing
(1)
Phishing
(8)
PIN Assessments
(1)
PIN Security Standard
(7)
Point of Sale (POS)
(4)
Point to Point Encryption (P2PE)
(26)
Prioritized Approach
(1)
PTS POI
(8)
QIR
(24)
QPA
(1)
QSA
(19)
Ransomware
(3)
Regional Engagement Board
(8)
Remote Access
(22)
Request for Comments
(18)
Resource Guide
(9)
Scoping
(4)
Segmentation
(2)
SIGs
(15)
Skimming
(4)
Small Business
(57)
Small Merchant Resources
(41)
SMB Series
(18)
Software
(34)
Software Security Framework
(16)
SPoC
(12)
Strategic Framework
(5)
Third Party Risk
(6)
TLS/SSL
(25)
Training
(19)
Validated Payment Applications
(1)
Vendors
(3)
Video
(5)
Webinar
(1)
Welcome
(1)
MOST READ
MUST READ
MOST READ
MUST READ
