Contact
FAQs
Change Your Language
English
Français (French)
Français (Canada)
Español
日本語
Deutsch
Italiano
Português
中文
Русский
Türkçe
Toggle Menu
Get Started
Get Started
COVID-19 Resources
PCI Security Essentials
Overview
Why Security Matters
How to Secure
Maintaining Payment Security
Completing Self Assessment
Standards Overview
Glossary
Merchant Resources
Getting Started with PCI
Data Security Essentials Evaluation Tool
PCI Perspectives Blog
Self-Assessment Questionnaires (SAQ)
Assessors & Solutions
Assessors & Solutions
Assessor Overview
COVID-19 Resources
Assessors
3DS Assessors
Approved Scanning Vendors
Card Production Security Assessors
Internal Security Assessors
Payment Application Assessors
Point-to-Point Encryption Assessors
Qualified PIN Assessors
Qualified Security Assessors
Software Security Framework Assessors
Products and Solutions
3DS Software Development Kits
Approved PTS Devices
Payment Applications (PA-DSS)
Payment Software
Secure SLC-Qualified Software Vendors
Point to Point Encryption Solutions
Software-based PIN Entry on COTS (SPoC) Solutions
Contactless Payments on COTS (CPoC) Solutions
Additional Resources
PCI Forensic Investigators
PCI Professionals
Qualified Integrators and Resellers
PCI Recognized Laboratories
Give Feedback
Document Library
Training & Qualification
Training & Qualification
COVID-19 Resources
Overview
3DS Assessor
Approved Scanning Vendor
Associate QSA
Card Production Security Assessor
Informational Training
Internal Security Assessor
Payment Application QSA
PCI Acquirer Training
PCI Awareness Training
PCI Forensic Investigator
PCI Professional
P2PE Assessors
Qualified Integrator and Reseller
Qualified PIN Assessors
Qualified Security Assessor
Secure SLC Assessor
Secure Software Assessor
Webinars
Meet Our Trainers
Training FAQ
eLearning Training Schedule
Program Fees
Become Qualified
Corporate Group Training
About Us
About Us
COVID-19 Resources
Overview
Leadership
Jobs at PCI
Contact Us
Antitrust Policy
Privacy Policy
IPR Policy
Get Involved
Get Involved
COVID-19 Resources
Overview
Affiliate Members
Board of Advisors
Global Executive Assessor Roundtable
Participating Organizations
Regional Engagement Board
Special Interest Groups
Strategic Members
Strategic Regional Members
Community Meetings
Past Community Meetings
Event Photo Gallery
Request for Comments
Newsroom
Newsroom
COVID-19 Resources
Newsroom Home Page
Blog
Announcements
In the News
Events
FAQs
PCI Perspectives
Insights, information and practical resources to help your organization protect payment data.
Paving the way: Inspiring Women in Payments - A podcast featuring Natasja Bolton
Posted by
Alicia Malone
on
4 Mar, 2021
in
Interview
and
PCI SSC
and
Women in Payments
With more than 20 years in the technology industry, Natasja Bolton’s experience has largely been a...
READ MORE
PCI DSS v4.0 Timeline Updated to Support an Additional RFC
Posted by
Lindsay Goodspeed
on
26 Feb, 2021
in
PCI DSS
and
Request for Comments
and
PCI DSS v4.0
Industry feedback is fundamental to the evolution of the PCI Data Security Standard (PCI DSS). Bec...
READ MORE
Paving the way: Inspiring Women in Payments - A Q&A featuring Jen Stone
Posted by
Alicia Malone
on
22 Feb, 2021
in
Interview
and
PCI SSC
and
Women in Payments
She was a single mom with three kids in daycare, no child support, and a job as an executive assis...
READ MORE
PCI Secure SLC Program Expands Vendor Eligibility with Version 1.1
Posted by
Alicia Malone
on
18 Feb, 2021
in
Software
and
Training
and
Awareness
and
Vendors
and
PA-DSS
and
Software Security Framework
Today, the PCI Security Standards Council (PCI SSC) published version 1.1 of the PCI Secure Software...
READ MORE
Paving the way: Inspiring Women in Payments - A podcast featuring Angel Grant
Posted by
Alicia Malone
on
10 Feb, 2021
in
Interview
and
PCI SSC
and
Women in Payments
When she’s not perfecting her lock-picking skills, Angel Grant is busy building a diverse team who...
READ MORE
Request for Comments: PTS HSM Security Requirements v4.0
Posted by
Lindsay Goodspeed
on
9 Feb, 2021
in
Participation
and
Request for Comments
and
PTS HSM
PTS Vendors who are Participating Organizations and PCI Recognized labs are invited to review and ...
READ MORE
Paving the way: Inspiring Women in Payments - A Q&A featuring Sheryl Benedict
Posted by
Alicia Malone
on
29 Jan, 2021
in
Interview
and
PCI SSC
and
Women in Payments
After seeing the 1983 film WarGames as a child, Sheryl Benedict became fascinated by computer tech...
READ MORE
PCI SSC Executive Director Discusses New Board and 2021 Priorities
Posted by
Lance J. Johnson
on
28 Jan, 2021
in
Awareness
and
Interview
and
PCI DSS
and
Board of Advisors
and
Participation
and
Mobile
and
Software Security Framework
and
PCI DSS v4.0
With the start of a new year, PCI SSC Executive Director Lance Johnson welcomes the new 2021-2022 Bo...
READ MORE
PCI SSC Announces 2021 Special Interest Group Election Results
Posted by
Alicia Malone
on
27 Jan, 2021
in
Guidance
and
SIGs
and
Participation
Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Cou...
READ MORE
Paving the way: Inspiring Women in Payments - A podcast featuring Nicole Braun
Posted by
Alicia Malone
on
20 Jan, 2021
in
Interview
and
PCI SSC
and
Women in Payments
At times, Nicole Braun was the only female Qualified Security Assessor (QSA) in the entire country...
READ MORE
Request for Comments: SPoC Unsupported Operating Systems Annex
Posted by
Alicia Malone
on
6 Jan, 2021
in
Participation
and
Mobile
and
Request for Comments
and
SPoC
and
PIN Security Standard
From 6 January 2021 to 4 February 2021, PCI SSC stakeholders can participate in a Request for Comm...
READ MORE
A Q&A with Gill Woodcock, VP, Global Head of Programs
Posted by
Alicia Malone
on
8 Dec, 2020
in
Interview
and
PCI SSC
and
Women in Payments
After more than 10 years at PCI Security Standards Council (PCI SSC), Gill Woodcock, VP, Global He...
READ MORE
Vote Now for 2021 Special Interest Group Projects
Posted by
Alicia Malone
on
23 Nov, 2020
in
Guidance
and
SIGs
and
Participation
From now through 21 December 2020, PCI SSC Participating Organizations are invited to vote on prop...
READ MORE
SAFECode and PCI SSC Discuss the Evolution of Secure Software
Posted by
Alicia Malone
on
20 Nov, 2020
in
Software
and
Guidance
and
Awareness
and
Interview
and
PCI DSS
and
PA-DSS
and
PCI SSC
and
Third Party Risk
and
Software Security Framework
When the PCI Security Standards Council (PCI SSC) developed its Software Security Framework (SSF) a ...
READ MORE
Payment Security in India: 2020 India Forum
Posted by
Mark Meissner
on
19 Nov, 2020
in
Small Business
and
PCI Forensic Investigator (PFI)
and
eCommerce
and
Breaches
and
Training
and
Events
and
Awareness
and
Interview
and
Board of Advisors
and
PCI SSC
and
QSA
and
Participation
and
India
As Associate Director for India, Nitin Bhatnagar is responsible for driving awareness and adoption o...
READ MORE
How to Successfully Transition Software from PA-DSS to the PCI Secure Software Standard
Posted by
Alicia Malone
on
11 Nov, 2020
in
Software
and
Training
and
Acquirers
and
Vendors
and
Interview
and
PA-DSS
and
QSA
and
Software Security Framework
On 28 October 2022, the Payment Application Data Security Standard (PA-DSS) program will officially ...
READ MORE
A Message from PCI SSC Executive Director Lance Johnson: Vote for the 2021-2022 Board of Advisors
Posted by
Lance J. Johnson
on
9 Nov, 2020
in
Board of Advisors
and
Participation
Every two years we ask PCI SSC Participating Organizations to nominate candidates and then vote to e...
READ MORE
Request for Comments: PCI Card Production v3 Draft Standard
Posted by
Lindsay Goodspeed
on
6 Nov, 2020
in
Participation
and
Request for Comments
and
Card Production
From 2 November to 1 December 2020, PCI SSC stakeholders can participate in a Request for Comments...
READ MORE
Women in Payments: Q&A with Gina Gobeyn
Posted by
Alicia Malone
on
3 Nov, 2020
in
Interview
and
PCI SSC
and
Women in Payments
From businesswoman to cybersecurity chief, Gina Gobeyn took a nontraditional route to the payments...
READ MORE
Making a Difference: Global Payments
Posted by
Alicia Malone
on
22 Oct, 2020
in
Interview
and
Board of Advisors
and
Participation
and
COVID-19
The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next...
READ MORE
Beware of Account Testing Attacks
Posted by
Mark Meissner
on
21 Oct, 2020
in
Breaches
and
Patching
and
Passwords
and
PCI DSS
and
PCI DSS v4.0
PCI SSC's Troy Leach and NCFTA's Matt LaVigna share guidance and information on protecting against A...
READ MORE
Making a Difference: Accor
Posted by
Alicia Malone
on
20 Oct, 2020
in
Interview
and
Board of Advisors
and
Participation
and
COVID-19
The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next...
READ MORE
Beware of ATM Cash-Outs
Posted by
Mark Meissner
on
7 Oct, 2020
in
Breaches
and
Patching
and
Passwords
and
Malware
and
Hackers
and
Skimming
and
Phishing
and
Awareness
and
PCI DSS
and
Penetration Testing
and
Multi-Factor Authentication
and
Remote Access
and
PCI DSS v4.0
PCI SSC and ATMIA share guidance and information on protecting against ATM Cash-outs.
READ MORE
Women in Payments: Q&A with Diana Greenhaw
Posted by
Alicia Malone
on
6 Oct, 2020
in
Interview
and
PCI SSC
and
Women in Payments
Protecting data is everyone’s responsibility, according to Diana Greenhaw who followed a nontradit...
READ MORE
PCI PIN Security in Practice Case Study: First Tech
Posted by
Lindsay Goodspeed
on
1 Oct, 2020
in
Case Study
and
Brazil
and
Regional Engagement Board
and
PIN Security Standard
In this PCI PIN Security Requirements in Practice Case Study, Brazil Regional Engagement Board Mem...
READ MORE
The Value of the PCI Secure Software Lifecycle Standard for Software Vendors
Posted by
Alicia Malone
on
30 Sep, 2020
in
Software
and
Training
and
Vendors
and
PA-DSS
and
Software Security Framework
The PCI Secure Software Lifecycle (Secure SLC) Standard is part of the PCI Software Security Framewo...
READ MORE
What to Know Before Participating in a PCI SSC RFC
Posted by
Lindsay Goodspeed
on
29 Sep, 2020
in
PCI DSS
and
Participation
and
Request for Comments
and
Resource Guide
and
PCI DSS v4.0
The PCI SSC Request for Comments (RFC) process is an avenue for PCI SSC stakeholders to provide fe...
READ MORE
Request for Comments: PCI DSS Version 4.0 Draft Standard
Posted by
Lindsay Goodspeed
on
23 Sep, 2020
in
PCI DSS
and
Participation
and
Request for Comments
and
PCI DSS v4.0
From 23 September to 13 November 2020, PCI SSC stakeholders can participate in a Request for Comme...
READ MORE
PCI PIN Security in Practice Case Study: Gertec
Posted by
Lindsay Goodspeed
on
21 Sep, 2020
in
Case Study
and
Brazil
and
Regional Engagement Board
and
PIN Security Standard
In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member Gertec shares how ...
READ MORE
PCI DSS in Practice Case Study: PicPay
Posted by
Lindsay Goodspeed
on
16 Sep, 2020
in
PCI DSS
and
Case Study
and
Brazil
and
Regional Engagement Board
In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member PicPay shares how ...
READ MORE
PCI SSC to Host its 2020 Community Meetings Online as Virtual Events
Posted by
Alicia Malone
on
15 Sep, 2020
in
Events
and
Community Meetings
and
Interview
and
PCI SSC
and
Participation
and
Remote Access
In an unprecedented year, PCI Security Standards Council (PCI SSC) will host its 2020 Community Me...
READ MORE
Benefits of Becoming a Participating Organization
Posted by
Jeremy King
on
14 Sep, 2020
in
Training
and
Community Meetings
and
SIGs
and
Board of Advisors
and
Participation
and
Participating Organizations
It is great that your organization takes securing payment data seriously. Now is the time to take ...
READ MORE
NIST and PCI SSC Find Common Ground in Development of Software Frameworks
Posted by
Alicia Malone
on
10 Sep, 2020
in
Software
and
Guidance
and
Awareness
and
Interview
and
PCI DSS
and
PA-DSS
and
PCI SSC
and
Software Security Framework
The National Institute of Standards and Technology (NIST) and the PCI Security Standards Council (PC...
READ MORE
Women in Payments: Q&A with Julie Krueger
Posted by
Alicia Malone
on
8 Sep, 2020
in
Interview
and
PCI SSC
and
Women in Payments
When Julie Krueger graduated from college 35 years ago, only five percent of her electrical engine...
READ MORE
Registration Now Open for Software Security Framework New Assessor Training
Posted by
Alicia Malone
on
3 Sep, 2020
in
Software
and
Training
and
Software Security Framework
and
Assessors
Registration is now open for Software Security Framework (SSF) New Assessor Training. PCI Security S...
READ MORE
PCI DSS in Practice Case Study: CSU
Posted by
Lindsay Goodspeed
on
2 Sep, 2020
in
PCI DSS
and
Case Study
and
Brazil
and
Regional Engagement Board
In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member CSU Cardsystem S.A...
READ MORE
PCI DSS in Practice Case Study: Cielo
Posted by
Lindsay Goodspeed
on
26 Aug, 2020
in
PCI DSS
and
Case Study
and
Brazil
and
Regional Engagement Board
In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member Cielo shares the c...
READ MORE
Make a Difference: Serve on the 2021-2022 PCI SSC Board of Advisors
Posted by
Alicia Malone
on
18 Aug, 2020
in
Interview
and
Board of Advisors
and
Participation
and
FAQ
Every two years, PCI Security Standards Council asks its Participating Organizations to elect its ne...
READ MORE
PCI SSC Offers Informational Training via New eLearning Platform
Posted by
Alicia Malone
on
13 Aug, 2020
in
Training
and
Certification
and
Interview
PCI Security Standards Council (PCI SSC) has adopted a new eLearning platform to move all informat...
READ MORE
Women in Payments: Q&A with Robin Trickel
Posted by
Alicia Malone
on
12 Aug, 2020
in
Interview
and
PCI SSC
and
Women in Payments
Companies achieve more when a variety of perspectives are represented at the table. In this month’...
READ MORE
What's Next for PCI SSC Mobile Payments Security Standards?
Posted by
Ralph Spencer Poore
on
31 Jul, 2020
in
Mobile
and
SPoC
and
Contactless
PCI SSC has published Software-based PIN-entry on COTS (SPoC)™ v1.1, Contactless Payments on COTS ...
READ MORE
A View into Feedback from the PCI DSS v4.0 RFC
Posted by
Lauren Holloway
on
29 Jul, 2020
in
PCI DSS
and
Participation
and
Request for Comments
and
Participating Organizations
and
PCI DSS v4.0
PCI SSC recently concluded the review of over 3,000 comments submitted for the first PCI DSS v4.0 ...
READ MORE
Women in Payments: Q&A with Lisa Conroy
Posted by
Alicia Malone
on
14 Jul, 2020
in
Interview
and
PCI SSC
and
Women in Payments
Though she didn’t initially set out to prevent crime, when Lisa Conroy was first involved in data se...
READ MORE
What’s New in PCI SPoC Security Standard Version 1.1?
Posted by
Alicia Malone
on
25 Jun, 2020
in
Software
and
Apps
and
Interview
and
PTS POI
and
Mobile
and
SPoC
and
Contactless
Today, the PCI SSC published a minor revision to the PCI SPoC Security Standard. Version 1.1 of th...
READ MORE
Just Updated: PTS POI Standard
Posted by
Lindsay Goodspeed
on
16 Jun, 2020
in
Software
and
PTS POI
and
Mobile
and
Remote Access
Today, PCI SSC has published PCI PIN Transaction Security (PTS) Point-of-Interaction (POI) Modular...
READ MORE
What to Know About the Approved Scanning Vendor Program
Posted by
Lindsay Goodspeed
on
10 Jun, 2020
in
Training
and
Awareness
and
Interview
and
PCI SSC
New vulnerabilities, security holes and bugs are being discovered daily. It is vital to have Inter...
READ MORE
We Are All in This Together: Responding to the COVID-19 Pandemic
Posted by
Alicia Malone
on
4 Jun, 2020
in
Guidance
and
Training
and
Phishing
and
Awareness
and
Interview
and
Multi-Factor Authentication
and
Remote Access
and
Video
and
COVID-19
Global representatives of the PCI Security Standards Council recently came together, via a virtual...
READ MORE
Women in Payments: Q&A with Diane Rogerson
Posted by
Alicia Malone
on
2 Jun, 2020
in
Interview
and
PCI SSC
and
Women in Payments
Diane Rogerson didn’t choose a career in cybersecurity; rather, it chose her. In this month’s blog s...
READ MORE
PCI DSS v4.0: Anticipated Timelines and Latest Updates
Posted by
Lindsay Goodspeed
on
29 May, 2020
in
PCI DSS
and
PCI SSC
and
QSA
and
Participation
and
PCI DSS v4.0
Industry feedback, together with the changes in payments, technology, and security, is driving our...
READ MORE
Request for Comments: PIN v3.1 Standard Draft
Posted by
Lindsay Goodspeed
on
29 May, 2020
in
Participation
and
Request for Comments
and
PIN Security Standard
From 29 May 2020 to 30 June 2020, PCI SSC stakeholders can participate in a Request for Comments (...
READ MORE
Request for Comments: Secure Software Standard Update: Draft Terminal Software Module
Posted by
Alicia Malone
on
21 May, 2020
in
Software
and
PA-DSS
and
QSA
and
Participation
and
Request for Comments
and
Software Security Framework
From 21 May to 22 June 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) ...
READ MORE
2020 – 2022 Global Executive Assessor Roundtable
Posted by
Alicia Malone
on
19 May, 2020
in
Awareness
and
Interview
and
Participation
and
GEAR
In 2018, PCI Security Standards Council established its first Global Executive Assessor Roundtable (...
READ MORE
Women in Payments: Q&A with Julie Quandt
Posted by
Alicia Malone
on
5 May, 2020
in
Interview
and
PCI SSC
and
Women in Payments
Julie Quandt used to be the only woman in the room at her corporate meetings. In this month’s Women ...
READ MORE
Beware of Online Skimming Threats During the COVID-19 Crisis
Posted by
Mark Meissner
on
4 May, 2020
in
eCommerce
and
Breaches
and
Guidance
and
Patching
and
Passwords
and
Malware
and
Hackers
and
Skimming
and
Awareness
and
Interview
and
PCI DSS
and
Multi-Factor Authentication
and
PCI SSC
and
COVID-19
PCI SSC and the U.S. Chamber of Commerce shares guidance and information on protecting against onlin...
READ MORE
Maintaining POS Device Security and Cleanliness
Posted by
Emma Sutcliffe
on
30 Apr, 2020
in
Point of Sale (POS)
and
COVID-19
With the global spread of COVID-19, awareness about the potential risks associated with touching pub...
READ MORE
Additional Remote Assessment Considerations During COVID-19
Posted by
Emma Sutcliffe
on
28 Apr, 2020
in
PCI SSC
and
QSA
and
Remote Access
and
COVID-19
PCI SSC recognizes that in the current exceptional circumstances relating to COVID-19, entities are ...
READ MORE
Updated Guidance: Responding to a Data Breach
Posted by
Gill Woodcock
on
22 Apr, 2020
in
PCI Forensic Investigator (PFI)
and
Training
and
Certification
and
Resource Guide
PCI Security Standards Council recently updated the guidance document: Responding to a Cardholder Da...
READ MORE
8 Tips for Small Merchants: Protecting Payment Data During COVID-19
Posted by
Lindsay Goodspeed
on
21 Apr, 2020
in
Small Business
and
Patching
and
Passwords
and
Small Merchant Resources
and
SMB Series
and
Remote Access
and
Resource Guide
and
COVID-19
The COVID-19 pandemic is quickly changing how many small merchants accept payments. Merchants that...
READ MORE
7 Common Questions about CPEs During COVID-19
Posted by
Lindsay Goodspeed
on
17 Apr, 2020
in
Point to Point Encryption (P2PE)
and
Training
and
QSA
and
FAQ
and
COVID-19
Continuing professional education is an important component of PCI SSC Qualification. Staying up to ...
READ MORE
Women in Payments: Q&A with Tracey Long
Posted by
Alicia Malone
on
7 Apr, 2020
in
Interview
and
PCI SSC
and
Women in Payments
After 10 years on the police force, Tracey Long knew a thing or two about fraud. In this month’s blo...
READ MORE
How the PCI DSS Can Help Remote Workers
Posted by
Emma Sutcliffe
on
26 Mar, 2020
in
Patching
and
Passwords
and
Firewalls
and
Awareness
and
PCI DSS
and
Multi-Factor Authentication
and
Remote Access
and
COVID-19
PCI SSC shares guidance for protecting payment data and how to work securely when connecting and wor...
READ MORE
Beware of COVID-19 Online Scams and Threats
Posted by
Troy Leach
on
25 Mar, 2020
in
Patching
and
Passwords
and
Firewalls
and
Hackers
and
Phishing
and
Awareness
and
PCI DSS
and
Multi-Factor Authentication
and
Remote Access
and
COVID-19
PCI SSC shares guidance on protecting against COVID-19 scams and threats.
READ MORE
Protecting Payments While Working Remotely
Posted by
Lindsay Goodspeed
on
23 Mar, 2020
in
SIGs
and
BAU
and
Remote Access
and
COVID-19
PCI SSC is dedicated to providing necessary guidance to the payments industry during evolving circum...
READ MORE
Women in Payments: Q&A with Marie-Christine Vittet
Posted by
Alicia Malone
on
17 Mar, 2020
in
Interview
and
PCI SSC
and
Women in Payments
For Marie-Christine Vittet, cybersecurity is more than a job, it’s a way of life. In this month’s bl...
READ MORE
Important Training Schedule Update: Instructor-Led Trainings (ILT) Canceled
Posted by
Alicia Malone
on
16 Mar, 2020
in
Point to Point Encryption (P2PE)
and
Training
and
Awareness
and
QSA
and
COVID-19
Updated 29 June 2020 With the primary concern continuing to be for the safety of everyone involved, ...
READ MORE
How Industry Feedback is Shaping the Future of PCI DSS
Posted by
Lance J. Johnson
on
12 Mar, 2020
in
PCI DSS
and
Participation
and
Request for Comments
and
Strategic Framework
and
Participating Organizations
and
PCI DSS v4.0
The Council recently conducted its most successful Request for Comment (RFC) ever - on the initial d...
READ MORE
Remote Assessments and the Coronavirus
Posted by
Troy Leach
on
11 Mar, 2020
in
QSA
and
PIN Assessments
and
COVID-19
Troy Leach, Senior Vice President, Engagement Officer, PCI SSC, discusses guidance for performing as...
READ MORE
Expiration Date Extended for PTS POI v.3 Devices
Posted by
Lindsay Goodspeed
on
10 Mar, 2020
in
Awareness
and
Compliance
and
PTS POI
and
COVID-19
Due to supply-chain disruptions related to the coronavirus, the PCI Council has extended the expir...
READ MORE
Request for Comments: Software-based PIN Entry on COTS Standard v1.1
Posted by
Lindsay Goodspeed
on
5 Mar, 2020
in
PTS POI
and
Participation
and
Request for Comments
and
SPoC
and
Contactless
and
QPA
From 2 March to 14 April 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC...
READ MORE
PCI SSC Statement on COVID-19
Posted by
Lance J. Johnson
on
4 Mar, 2020
in
Awareness
and
COVID-19
PCI SSC is aware of the unprecedented situation caused by the spread of COVID-19. As circumstances e...
READ MORE
New Guidance: PCI DSS for Large Organizations
Posted by
Lindsay Goodspeed
on
20 Feb, 2020
in
PCI DSS
and
Compliance
and
SIGs
and
BAU
and
Resource Guide
PCI Security Standards Council has published a new Information Supplement: PCI DSS for Large Organiz...
READ MORE
Women in Payments: Q&A with Amy Zirkle
Posted by
Mark Meissner
on
6 Feb, 2020
in
Interview
and
PCI SSC
and
Women in Payments
We at the PCI Security Standards Council believe strongly that there is a need for more women in cyb...
READ MORE
PCI SSC in Brazil: New Regional Engagement Board for 2020
Posted by
Lindsay Goodspeed
on
29 Jan, 2020
in
Participation
and
Brazil
and
Regional Engagement Board
PCI SSC has announced a newly expanded Brazil Regional Engagement Board. Here we talk with PCI SSC...
READ MORE
Request for Comments: PCI PTS Point of Interaction (POI) v6
Posted by
Lindsay Goodspeed
on
28 Jan, 2020
in
PTS POI
and
QSA
and
Participation
and
Request for Comments
and
QPA
From 24 January to 24 February 2020, PCI SSC stakeholders can participate in a Request for Comment...
READ MORE
How Industry Collaboration Created a Unified PIN Standard
Posted by
Mark Meissner
on
20 Jan, 2020
in
Interview
and
PIN Assessments
On the blog we discuss a joint collaboration between PCI SSC and ASC X9 to create a unified PIN stan...
READ MORE
Online Skimming and Payment Security
Posted by
Mark Meissner
on
9 Jan, 2020
in
eCommerce
and
Breaches
and
Guidance
and
Patching
and
Hackers
and
Awareness
and
Interview
and
PCI DSS
and
Multi-Factor Authentication
and
PCI SSC
On the blog, we cover basic questions with Christopher D. Roberti, Senior Vice President for Cyber, ...
READ MORE
Women in Payments: Q&A with Stacy Hughes
Posted by
Mark Meissner
on
6 Jan, 2020
in
Interview
and
PCI SSC
and
Women in Payments
We at the PCI Security Standards Council believe strongly that there is a need for more women in cyb...
READ MORE
Increasing Industry Participation and Knowledge
Posted by
Laura K. Gray
on
18 Dec, 2019
in
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
Increasing industry participation and knowledge is a core pillar in the PCI Security Standards Counc...
READ MORE
P2PE v3.0: What Merchants Need to Know
Posted by
Lindsay Goodspeed
on
12 Dec, 2019
in
Point to Point Encryption (P2PE)
The updates to the P2PE Standard and supporting program is part of the Council’s mission to evolve s...
READ MORE
P2PE v3.0: What Vendors and Assessors Need to Know
Posted by
Lindsay Goodspeed
on
12 Dec, 2019
in
Point to Point Encryption (P2PE)
and
Interview
The updates to the P2PE Standard and supporting program are part of the Council’s mission to evolve ...
READ MORE
Increasing Standards Alignment and Consistency
Posted by
Laura K. Gray
on
11 Dec, 2019
in
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
Increasing standards alignment and consistency is a core pillar in the PCI Security Standards Counci...
READ MORE
Be Alert this Holiday Season: Payment Security Tips for Businesses
Posted by
Mark Meissner
on
5 Dec, 2019
in
Small Business
and
Small Merchant Resources
and
Educational Resource
On this blog we explore the challenges around security of payment data during the hectic holiday sea...
READ MORE
Just Published: PCI Contactless Payments on COTS
Posted by
Laura K. Gray
on
4 Dec, 2019
in
Mobile
and
Contactless
The PCI Security Standards Council (PCI SSC) has published a new data security standard for solution...
READ MORE
Securing Emerging Payment Channels
Posted by
Laura K. Gray
on
3 Dec, 2019
in
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
Securing emerging payment channels is a core pillar in the PCI Security Standards Council’s (PCI SSC...
READ MORE
ISA in Practice Case Study: TIVIT
Posted by
Laura K. Gray
on
21 Nov, 2019
in
Training
and
Case Study
and
Internal Security Assessor (ISA)
and
Brazil
and
Regional Engagement Board
To better serve its customers in the payment card industry and support their PCI Data Security Sta...
READ MORE
Evolving PCI Standards and Validation
Posted by
Laura K. Gray
on
20 Nov, 2019
in
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
Evolving PCI Standards and Validation is a core pillar in the PCI Security Standards Council’s strat...
READ MORE
ISA in Practice Case Study: Braspag
Posted by
Laura K. Gray
on
14 Nov, 2019
in
Training
and
Case Study
and
Internal Security Assessor (ISA)
and
Brazil
and
Regional Engagement Board
Driven by a need to improve internal security controls, help improve the company’s interactions wi...
READ MORE
Vote Now for 2020 Special Interest Group Projects
Posted by
Lindsay Goodspeed
on
11 Nov, 2019
in
Guidance
and
SIGs
and
Participation
From now through 25 November PCI SSC Participating Organizations are invited to vote on proposals ...
READ MORE
PCI DSS in Practice Case Study: FIS
Posted by
Laura K. Gray
on
7 Nov, 2019
in
PCI DSS
and
Case Study
and
Brazil
and
Regional Engagement Board
FIS faced the challenge of coordinating several simultaneous assessments across its organization a...
READ MORE
Key Blocks 104
Posted by
Mark Meissner
on
4 Nov, 2019
in
Point to Point Encryption (P2PE)
and
Encryption
and
PIN Security Standard
and
Key Blocks
The PCI PIN Standard requires implementation of Key Blocks. On this blog, the fourth of the series, ...
READ MORE
Participation Opportunity: 2020-2021 Brazil Regional Engagement Board
Posted by
Laura K. Gray
on
1 Nov, 2019
in
PCI DSS
and
Participation
and
Brazil
and
Regional Engagement Board
From 1-29 November 2019, the PCI Security Standards Council (PCI SSC) is accepting nominations from ...
READ MORE
What to Know about PCIP Requalification
Posted by
Elizabeth Terry
on
30 Oct, 2019
in
Training
and
Awareness
and
Certification
and
Participation
and
PCIP
The Payment Card Industry Professional (PCIP) is an individual, entry-level qualification in payme...
READ MORE
Request for Comments: PCI DSS Version 4.0
Posted by
Laura K. Gray
on
28 Oct, 2019
in
PCI DSS
and
Request for Comments
and
PCI DSS v4.0
From 28 October to 13 December 2019, PCI SSC stakeholders can participate in a Request for Comment...
READ MORE
Coming Soon: New Contactless Standard
Posted by
Laura K. Gray
on
23 Oct, 2019
in
Community Meetings
and
Interview
and
PTS POI
and
Mobile
and
Contactless
In December, PCI SSC plans to publish a new standard for solutions that enable “tap and go” transa...
READ MORE
How the Council is Evolving to Secure the Future of Payments
Posted by
Lindsay Goodspeed
on
22 Oct, 2019
in
Community Meetings
and
Interview
and
PCI DSS
and
PCI DSS v4.0
In his presentation at the 2019 PCI Community Meeting this week in Dublin, Chief Technology Officer ...
READ MORE
Resource Guide: Transitioning from PA-DSS to the Software Security Framework
Posted by
Laura K. Gray
on
21 Oct, 2019
in
Apps
and
Community Meetings
and
PA-DSS
and
Resource Guide
and
Software Security Framework
The PCI Security Standards Council (PCI SSC) has published a resource guide with key information t...
READ MORE
PCI DSS in Practice Case Study: Braspag
Posted by
Laura K. Gray
on
17 Oct, 2019
in
PCI DSS
and
Case Study
and
Brazil
and
Regional Engagement Board
Braspag was challenged with managing the costs involved with implementing and maintaining the PCI ...
READ MORE
PCI DSS in Practice Case Study: Decolar
Posted by
Laura K. Gray
on
10 Oct, 2019
in
PCI DSS
and
Cloud Security
and
Case Study
and
Brazil
and
Regional Engagement Board
Decolar needed to ensure that PCI Data Security Standard (PCI DSS) controls were being maintained ...
READ MORE
New Assessor Opportunity: PCI Software Security Framework
Posted by
Laura K. Gray
on
2 Oct, 2019
in
QSA
and
Software Security Framework
and
Assessors
PCI SSC has launched a new assessor qualification program to support the PCI Software Security Fra...
READ MORE
3 Things to Know About P2PE v3.0
Posted by
Lindsay Goodspeed
on
19 Sep, 2019
in
Point to Point Encryption (P2PE)
and
Community Meetings
The PCI P2PE Standard provides a comprehensive set of security requirements for validation of P2PE s...
READ MORE
5 Questions About PCI DSS v4.0
Posted by
Laura K. Gray
on
18 Sep, 2019
in
Community Meetings
and
PCI DSS
and
Request for Comments
and
PCI DSS v4.0
In this interview with the Council’s Global Head of Standards, Emma Sutcliffe, we address key questi...
READ MORE
Executive Director Q&A: PCI SSC Strategic Framework
Posted by
Laura K. Gray
on
17 Sep, 2019
in
Community Meetings
and
Interview
and
PCI SSC
and
Participation
and
Strategic Framework
In his keynote presentation at the 2019 PCI Community Meeting this week in Vancouver, Executive Dire...
READ MORE
Understanding the PCI Software Security Framework: New Educational Resources
Posted by
Laura K. Gray
on
16 Sep, 2019
in
Apps
and
PA-DSS
and
Resource Guide
and
Software Security Framework
Ahead of the North America Community Meeting this week in Vancouver, PCI SSC has published new educ...
READ MORE
Closing the Gender Gap in Payment Security
Posted by
Mark Meissner
on
30 Aug, 2019
in
Interview
and
PCI SSC
September 1, 2019 is International Women in Cyber Day. On the blog, we profile Emma Sutcliffe, Head...
READ MORE
Key Blocks 103
Posted by
Mark Meissner
on
27 Aug, 2019
in
Point to Point Encryption (P2PE)
and
Encryption
and
PIN Security Standard
and
Key Blocks
The PCI PIN Standard requires implementation of Key Blocks. On the blog, the third of the series, w...
READ MORE
Regional Update: PCI Latin America Forum in Brazil
Posted by
Laura K. Gray
on
16 Aug, 2019
in
Interview
and
Participation
and
Brazil
and
Regional Engagement Board
The PCI SSC Latin America Forum took place this week in São Paulo, Brazil, gathering more than 350 p...
READ MORE
Key Blocks 102
Posted by
Mark Meissner
on
15 Aug, 2019
in
Encryption
and
PIN Security Standard
and
Key Blocks
The PCI PIN Standard requires implementation of Key Blocks. On the blog, we cover basic questions a...
READ MORE
3 Things to Know about PCI DSS v4.0 Development
Posted by
Laura K. Gray
on
5 Aug, 2019
in
PCI DSS
and
Request for Comments
and
PCI DSS v4.0
PCI SSC stakeholders play an important role in the ongoing evolution of the PCI Data Security Standa...
READ MORE
The Threat of Online Skimming to Payment Security
Posted by
Mark Meissner
on
1 Aug, 2019
in
eCommerce
and
Breaches
and
Guidance
and
Patching
and
Hackers
and
Phishing
and
Awareness
and
PCI DSS
and
Multi-Factor Authentication
and
PCI SSC
How the emerging threat of online skimming presents a great threat to the payment security community...
READ MORE
Information Supplement: Best Practices for Maintaining PCI DSS Compliance
Posted by
Lindsay Goodspeed
on
31 Jul, 2019
in
PCI DSS
and
Compliance
and
SIGs
and
BAU
and
Resource Guide
Information Supplement: Best Practices for Maintaining PCI DSS Compliance provides updated guidance ...
READ MORE
5 Common Questions About Continuing Professional Education Credits
Posted by
Elizabeth Terry
on
25 Jul, 2019
in
Point to Point Encryption (P2PE)
and
Training
and
QSA
and
FAQ
Continuing professional education is an important component of PCI SSC Qualification. Staying up to ...
READ MORE
Request for Comments: Contactless Payments on COTS Standard
Posted by
Laura K. Gray
on
22 Jul, 2019
in
Mobile
and
Request for Comments
and
Contactless
From 22 July to 20 August 2019, PCI SSC stakeholders can participate in a Request for Comments (RFC)...
READ MORE
PCI Software Security Framework FAQS: PA-DSS Impact and Transition
Posted by
Laura K. Gray
on
19 Jul, 2019
in
Software
and
PA-DSS
and
FAQ
and
Software Security Framework
New FAQs address key questions on the transition from PA-DSS to the PCI Software Security Framework.
READ MORE
NIST Mapping
Posted by
Mark Meissner
on
17 Jul, 2019
in
Infographic
and
Guidance
and
PCI DSS
Mapping PCI DSS v. 3.2.1 to the NIST Cybersecurity Framework v. 1.1 How meeting PCI DSS requiremen...
READ MORE
FAQ: Can organizations use alternative password management methods to meet PCI DSS Requirement 8?
Posted by
Lindsay Goodspeed
on
11 Jul, 2019
in
Passwords
and
PCI DSS
and
Multi-Factor Authentication
and
FAQ
Did you know that the Frequently Asked Questions (FAQ) resource on the PCI SSC website is updated re...
READ MORE
Key Blocks 101
Posted by
Mark Meissner
on
9 Jul, 2019
in
Encryption
and
PIN Security Standard
and
Key Blocks
The PCI PIN Security Requirements and Testing Procedures (PCI PIN Security Standard) require impleme...
READ MORE
New Software Security Framework Programs: Timeline & Key Milestones
Posted by
Laura K. Gray
on
26 Jun, 2019
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
PCI SSC has announced the rollout of the Secure Software Lifecycle (Secure SLC) and Secure Software ...
READ MORE
Guidance: PIN Security Requirement 18-3 Key Blocks
Posted by
Laura K. Gray
on
19 Jun, 2019
in
Guidance
and
PIN Security Standard
and
Key Blocks
The PIN Security Requirement 18-3 Key Blocks Information Supplement provides a series of FAQs to hel...
READ MORE
PCI on Mobile Payment Acceptance: SPoC and Contactless Updates
Posted by
Laura K. Gray
on
29 May, 2019
in
Software
and
Mobile
and
SPoC
and
Contactless
PCI SSC recently completed the first of two request for comments (RFC) periods on the draft PCI Co...
READ MORE
PCI Software Security Framework: Update on Assessor Qualification
Posted by
Laura K. Gray
on
23 May, 2019
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
Who will be eligible to conduct assessments under the PCI Software Security Framework? How will th...
READ MORE
Request for Comments: P2PE Standard v3.0
Posted by
Lindsay Goodspeed
on
22 May, 2019
in
Point to Point Encryption (P2PE)
and
Participation
and
Request for Comments
From 20 May to 19 June, PCI SSC stakeholders can participate in a Request for Comments (RFC) on th...
READ MORE
Programs Update: PCI Software Security Framework
Posted by
Laura K. Gray
on
25 Apr, 2019
in
Software
and
Apps
and
Interview
and
PCI DSS
and
Software Security Framework
New validation programs are being developed to support the PCI Software Security Standards. Together...
READ MORE
PCI Standards in 2019: Q&A with CTO Troy Leach
Posted by
Laura K. Gray
on
12 Apr, 2019
in
Point to Point Encryption (P2PE)
and
Interview
and
PCI DSS
and
PTS POI
and
Third Party Risk
and
Participation
and
Request for Comments
and
SPoC
and
Software Security Framework
and
Contactless
and
PCI DSS v4.0
What do stakeholders need to know about PCI Security Standards in 2019? PCI SSC Chief Technology Off...
READ MORE
What to Know About the New Card Production Security Assessor Program
Posted by
Lindsay Goodspeed
on
11 Apr, 2019
in
Training
and
Interview
and
Assessors
and
CPSA Program
and
Card Production Standard
PCI SSC is in the process of launching a new program to train and qualify security professionals to ...
READ MORE
PCI Council Executive Director on 2019 Priorities
Posted by
Laura K. Gray
on
28 Mar, 2019
in
Interview
and
PCI SSC
and
Participation
A little more than a year into his role as Executive Director, Lance Johnson provides an update on w...
READ MORE
Resource for Small Merchants: Firewall Basics
Posted by
Lindsay Goodspeed
on
15 Mar, 2019
in
Small Business
and
Infographic
and
Firewalls
and
Small Merchant Resources
and
SMB Series
and
Resource Guide
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
PCI DSS: Looking Ahead to Version 4.0
Posted by
Laura K. Gray
on
6 Mar, 2019
in
PCI DSS
and
PCI DSS v4.0
PCI SSC has begun efforts on PCI Data Security Standard version 4.0 (PCI DSS v4.0). Here we provide ...
READ MORE
Regional Update: India
Posted by
Laura K. Gray
on
5 Mar, 2019
in
Interview
and
Participation
and
India
Associate Regional Director for India, Nitin Bhatnagar, provides an update on PCI SSC efforts in the...
READ MORE
Resource for Small Merchants: Glossary of Payment and InfoSec Terms
Posted by
Lindsay Goodspeed
on
28 Feb, 2019
in
Small Business
and
Guidance
and
Small Merchant Resources
and
SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
Request for Comments: PCI SPoC MSR Annex
Posted by
Laura K. Gray
on
26 Feb, 2019
in
Software
and
Participation
and
Request for Comments
and
SPoC
From 26 Feb to 26 March, PCI SSC stakeholders can participate in a Request for Comments (RFC) on t...
READ MORE
Applications Now Open for Qualified PIN Assessor Program
Posted by
Lindsay Goodspeed
on
20 Feb, 2019
in
Training
and
ATM Security
and
QSA
and
PIN Security Standard
and
Assessors
and
QPA
PCI SSC is now accepting applications for the Qualified PIN Assessor (QPA) Program.
READ MORE
Understanding the RFC Process: New Guidance
Posted by
Mark Meissner
on
15 Feb, 2019
in
Infographic
and
PCI SSC
and
Participation
and
Request for Comments
Request for Comments (RFC) periods are avenues for PCI SSC stakeholders to provide feedback on exi...
READ MORE
Resource for Small Merchants: Common Payment Systems
Posted by
Lindsay Goodspeed
on
12 Feb, 2019
in
Small Business
and
Guidance
and
Small Merchant Resources
and
SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
Lead QSA Rotation as Best Practice
Posted by
Elizabeth Terry
on
5 Feb, 2019
in
PCI DSS
and
Compliance
and
QSA
PCI SSC continually seeks to increase the baseline standard of quality within the assessor communi...
READ MORE
Update to Maintaining Compliance Information Supplement
Posted by
Lindsay Goodspeed
on
29 Jan, 2019
in
Guidance
and
Awareness
and
PCI DSS
and
Compliance
and
SIGs
and
BAU
The Council just published Information Supplement: Best Practices for Maintaining PCI DSS Complian...
READ MORE
Resource for Small Merchants: Questions to Ask Your Vendors
Posted by
Lindsay Goodspeed
on
28 Jan, 2019
in
Small Business
and
Small Merchant Resources
and
SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
PCI SPoC and Contactless Standards: What to Expect in 2019
Posted by
Laura K. Gray
on
25 Jan, 2019
in
Mobile
and
Request for Comments
and
SPoC
and
Contactless
At the PCI Security Standards Council (PCI SSC) we continue to evolve PCI Security Standards to prov...
READ MORE
Resource for Small Merchants: Guide to Safe Payments
Posted by
Lindsay Goodspeed
on
24 Jan, 2019
in
Small Business
and
Small Merchant Resources
and
SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec...
READ MORE
Coming Soon: Qualified PIN Assessor Program
Posted by
Lindsay Goodspeed
on
23 Jan, 2019
in
Training
and
Interview
and
ATM Security
and
QSA
and
PIN Security Standard
and
Assessors
PCI SSC is in the process of launching a new program to train and qualify security professionals to ...
READ MORE
PCI SSC in Brazil: New Regional Engagement Board for 2019
Posted by
Laura K. Gray
on
18 Jan, 2019
in
Interview
and
Participation
and
Brazil
and
Regional Engagement Board
PCI SSC has announced a newly expanded Brazil Regional Engagement Board. Here we talk with PCI SSC R...
READ MORE
Just Published: New PCI Software Security Standards
Posted by
Laura K. Gray
on
16 Jan, 2019
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
PCI SSC has published the PCI Secure Software Standard and the PCI Secure Software Lifecycle (Secure...
READ MORE
PCI DSS: Reminders and Resources
Posted by
Laura K. Gray
on
17 Dec, 2018
in
TLS/SSL
and
PCI DSS
and
Cloud Security
and
Multi-Factor Authentication
and
FAQ
Version 3.2 of the PCI Data Security Standard (PCI DSS) will be retired at the end of 2018. Here are...
READ MORE
Update on PCI Software Security Framework
Posted by
Laura K. Gray
on
14 Dec, 2018
in
Software
and
Apps
and
PA-DSS
and
Software Security Framework
PCI SSC is developing a new PCI Software Security Framework, a collection of software security stand...
READ MORE
What’s New in PCI 3DS SDK Security Standard Version 1.1?
Posted by
Laura K. Gray
on
13 Dec, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
3DS
Today, the PCI SSC published a minor revision to the PCI 3-D Secure Software Development Kit (3DS SD...
READ MORE
Payment Security in India
Posted by
Laura K. Gray
on
6 Dec, 2018
in
Interview
and
Participation
and
India
PCI SSC has hired Nitin Bhatnagar to lead its efforts in India. As Associate Director for India he...
READ MORE
Vote Now for 2019 Special Interest Group Projects
Posted by
Laura K. Gray
on
3 Dec, 2018
in
SIGs
and
Participation
From 3 – 19 December PCI SSC Participating Organizations are invited to vote on proposals for 2019...
READ MORE
Industry Guidance on Accepting Telephone Payments Securely
Posted by
Lindsay Goodspeed
on
27 Nov, 2018
in
Guidance
and
PCI DSS
and
SIGs
PCI SSC just published an updated version of the Special Interest Group information supplement Pro...
READ MORE
A Message from PCI SSC Executive Director: The Board of Advisors Needs Your Vote
Posted by
Lance J. Johnson
on
9 Nov, 2018
in
Board of Advisors
and
Participation
PCI SSC Participating Organizations, one of the best ways for you to ensure your issues and perspect...
READ MORE
Vote Now for the 2019-2020 PCI SSC Board of Advisors
Posted by
Laura K. Gray
on
5 Nov, 2018
in
Board of Advisors
and
Participation
From 5- 16 November 2018 the primary business contact for each Participating Organization and Affilia...
READ MORE
Dutch Payments Association: Payment Security and Collaboration in Europe
Posted by
Laura K. Gray
on
18 Oct, 2018
in
Community Meetings
and
Interview
and
Participation
At the Europe Community Meeting in London this week, a panel of European industry associations and s...
READ MORE
PCI Software Security Standards Coming Soon
Posted by
Laura K. Gray
on
17 Oct, 2018
in
Software
and
Apps
and
Community Meetings
and
Interview
and
PA-DSS
and
Participation
and
Software Security Framework
PCI SSC is in the process of finalizing new PCI Security Standards for the secure design and develop...
READ MORE
On Payment Security in Europe
Posted by
Laura K. Gray
on
16 Oct, 2018
in
Community Meetings
and
Interview
and
Small Merchant Resources
and
Participation
and
3DS
At the Europe Community Meeting in London this week International Director for Europe, Jeremy King, ...
READ MORE
PCI DSS in Practice Case Study: AccorHotels and Vigitrust
Posted by
Laura K. Gray
on
15 Oct, 2018
in
Case Study
AccorHotels needed a comprehensive multinational, multidimensional, and multicultural PCI Data Sec...
READ MORE
What’s Next for PCI Card Production and Provisioning?
Posted by
Laura K. Gray
on
12 Oct, 2018
in
Community Meetings
and
Interview
and
Card Production
What happens next with the PCI Card Production and Provisioning Standards? PCI SSC Chief Technology ...
READ MORE
How Innovation is Changing Payment Security (and Standards)
Posted by
Lindsay Goodspeed
on
27 Sep, 2018
in
Point to Point Encryption (P2PE)
and
Community Meetings
and
Interview
and
Small Merchant Resources
and
Participation
In this interview from the 2018 North America Community Meeting, we sit down with Chief Technology O...
READ MORE
How Industry Collaboration and Feedback Shapes PCI SSC Programs
Posted by
Lindsay Goodspeed
on
27 Sep, 2018
in
Community Meetings
and
Certification
and
QIR
and
SIGs
and
QSA
and
Participation
In his talk at the 2018 North America Community Meeting, COO Mauro Lance discusses how collaboration...
READ MORE
State of the PCI Security Standards Council
Posted by
Lindsay Goodspeed
on
26 Sep, 2018
in
Community Meetings
and
Board of Advisors
and
Participation
In his keynote address to the 2018 North America Community Meeting, Lance Johnson shares his vision ...
READ MORE
Council CTO on Verizon’s 2018 Payment Security Report
Posted by
Lindsay Goodspeed
on
25 Sep, 2018
in
Point to Point Encryption (P2PE)
and
Community Meetings
and
PCI DSS
and
Compliance
and
BAU
Verizon recently released its 2018 Payment Security Report. During North America PCI Community Meeti...
READ MORE
What’s Next for the PCI P2PE Standard?
Posted by
Lindsay Goodspeed
on
21 Sep, 2018
in
Point to Point Encryption (P2PE)
and
Interview
and
Request for Comments
What happens next with the PCI Point-to-Point Encryption (P2PE) Standard? PCI SSC Chief Technology...
READ MORE
Help Secure Payment Data: PCI SSC Participation Opportunities
Posted by
Laura K. Gray
on
21 Sep, 2018
in
SIGs
and
Board of Advisors
and
PCI SSC
and
Participation
The PCI Security Standards Council (PCI SSC) leads a global, cross-industry effort to increase pay...
READ MORE
PCIP in Practice Case Study: Excentus
Posted by
Laura K. Gray
on
13 Sep, 2018
in
Training
and
PCI Professional
and
Case Study
Excentus chose PCI Professional (PCIP) training and certification for its staff to help with forma...
READ MORE
Helping Small Merchants Protect Payment Card Data
Posted by
Lindsay Goodspeed
on
30 Aug, 2018
in
Small Business
and
Community Meetings
and
Small Merchant Resources
In this post, we get insights from Jenna Hutt, Retail Technology Specialist, Rocky Mountain Chocolat...
READ MORE
Threats Facing Small Merchants: A New Tool to Help
Posted by
Lindsay Goodspeed
on
28 Aug, 2018
in
Small Business
and
Firewalls
and
Small Merchant Resources
and
SMB Series
Troy Leach, Chief Technology Officer of the PCI SSC discusses how the Council is helping small mer...
READ MORE
ISA in Practice Case Study: Cafe Rio Mexican Grill
Posted by
Laura K. Gray
on
23 Aug, 2018
in
Training
and
Case Study
and
Internal Security Assessor (ISA)
Looking for in-house PCI knowledge that would help the company stay in front of security requireme...
READ MORE
Impact Payment Security Globally: Serve on the PCI SSC Board of Advisors
Posted by
Laura K. Gray
on
17 Aug, 2018
in
Board of Advisors
and
PCI SSC
and
Participation
The Board of Advisors represents PCI Security Standards Council (PCI SSC) Participating Organization...
READ MORE
Request for Comments: PCI 3DS SDK Security Standard v1.1
Posted by
Laura K. Gray
on
14 Aug, 2018
in
Participation
and
Mobile
and
Request for Comments
and
3DS
From 14 August to 28 August the PCI community, including Participating Organizations, 3-D Secure (3D...
READ MORE
Final Request for Comments: Draft PCI Software Security Framework
Posted by
Laura K. Gray
on
31 Jul, 2018
in
Software
and
Apps
and
PA-DSS
and
Participation
and
Request for Comments
and
Software Security Framework
From 31 July to 7 September, PCI SSC stakeholders are invited to review and provide final feedback o...
READ MORE
PCI 3-D Secure Software Development Kit (3DS SDK) Program Now Available
Posted by
Laura K. Gray
on
27 Jul, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
3DS
Today, the PCI SSC published documentation for vendors and labs to use in developing and evaluating ...
READ MORE
Contactless Payments: PCI SSC on Plans to Develop Security Standard for Payment Acceptance on Merchant COTS Devices
Posted by
Laura K. Gray
on
28 Jun, 2018
in
Interview
and
Mobile
and
Contactless
PCI SSC is in the beginning stages of developing a security standard for accepting contactless payme...
READ MORE
Infographic: Patching
Posted by
Laura K. Gray
on
21 Jun, 2018
in
Small Business
and
Infographic
and
Patching
and
Awareness
and
Vendors
and
QIR
and
Small Merchant Resources
The use of outdated and unpatched software is one of the leading causes of payment data breaches for...
READ MORE
What Happens After 30 June 2018? New Guidance on Use of SSL/Early TLS
Posted by
Laura K. Gray
on
15 Jun, 2018
in
Guidance
and
TLS/SSL
and
PCI DSS
Following the release of PCI DSS v3.2.1 to account for dates that have already passed, such as the 3...
READ MORE
Video: Patching
Posted by
Laura K. Gray
on
13 Jun, 2018
in
Small Business
and
Patching
and
Awareness
and
QIR
and
Small Merchant Resources
and
Video
Unpatched software is one of the leading causes of payment data breaches for businesses.
READ MORE
Q&A with Community Meeting Speakers Sajal Islam and David McGregor
Posted by
Lindsay Goodspeed
on
24 May, 2018
in
Point to Point Encryption (P2PE)
and
Community Meetings
and
Interview
and
PTS POI
and
APAC
Asia-Pacific Community Meeting speakers Sajal Islam, Audit Manager, UL, and David McGregor, Manager ...
READ MORE
Infographic: Strong Passwords
Posted by
Laura K. Gray
on
22 May, 2018
in
Small Business
and
Infographic
and
Passwords
and
Awareness
and
Vendors
and
QIR
and
Small Merchant Resources
The use of weak and default passwords is one of the leading causes of payment data breaches for busi...
READ MORE
Q&A with Community Meeting Speaker Swati Sharma
Posted by
Lindsay Goodspeed
on
18 May, 2018
in
Community Meetings
and
Interview
and
QSA
and
APAC
Asia-Pacific Community Meeting speaker Swati Sharma, QSA, CISSP, CISM discusses the payment securi...
READ MORE
PCI DSS Now and Looking Ahead
Posted by
Laura K. Gray
on
17 May, 2018
in
TLS/SSL
and
Interview
and
PCI DSS
Today the PCI SSC published a minor revision to the PCI Data Security Standard (PCI DSS) to account ...
READ MORE
3 Things to Know About the PCI Software Security Framework in 2018
Posted by
Laura K. Gray
on
11 May, 2018
in
Software
and
Apps
and
Interview
and
PA-DSS
and
Software Security Framework
As payments evolve, PCI SSC continues to evolve PCI Security Standards and programs for securing pay...
READ MORE
Video: Strong Passwords
Posted by
Laura K. Gray
on
3 May, 2018
in
Small Business
and
Passwords
and
Awareness
and
QIR
and
Small Merchant Resources
and
Video
The use of weak and default passwords is one of the leading causes of payment data breaches for busi...
READ MORE
Infographic: Secure Remote Access
Posted by
Laura K. Gray
on
27 Apr, 2018
in
Infographic
and
Awareness
and
QIR
and
Multi-Factor Authentication
and
Remote Access
Insecure remote access is one of the leading causes of payment data breaches for businesses.
READ MORE
PCI Software-based PIN Entry on COTS Program Now Available
Posted by
Laura K. Gray
on
24 Apr, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
SPoC
Earlier this year, the PCI SSC published the PCI Software-based PIN Entry on COTS (SPoC) Standard, w...
READ MORE
New FAQs on Software-based PIN Entry on COTS
Posted by
Laura K. Gray
on
20 Apr, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
SPoC
Earlier this year, the PCI SSC published the PCI Software-based PIN Entry on COTS (SPoC) Standard, w...
READ MORE
Coming Soon: Minor PCI DSS Revision
Posted by
Laura K. Gray
on
18 Apr, 2018
in
PCI DSS
A minor revision to the PCI Data Security Standard (PCI DSS) will be published next month. The new...
READ MORE
PCI P2PE in Practice Case Study: Northwestern University and CardConnect
Posted by
Laura K. Gray
on
13 Apr, 2018
in
Point to Point Encryption (P2PE)
and
Case Study
With a mission to enhance the level of transactional data security across every payment location o...
READ MORE
Video: Secure Remote Access
Posted by
Laura K. Gray
on
9 Apr, 2018
in
Awareness
and
QIR
and
Small Merchant Resources
and
Multi-Factor Authentication
and
Remote Access
and
Video
Insecure remote access is one of the leading causes of payment data breaches for businesses.
READ MORE
ISACA Partners with PCI SSC to Provide Discount on Industry Certifications
Posted by
Laura K. Gray
on
5 Apr, 2018
in
Certification
and
Interview
and
QSA
As introduced in August 2017, in 2019 the PCI SSC will increase the industry-recognized professional...
READ MORE
4 Things to Know About PCI DSS in 2018
Posted by
Laura K. Gray
on
29 Mar, 2018
in
TLS/SSL
and
PCI DSS
What happens next with the PCI Data Security Standard (PCI DSS)? Here we look at key updates and m...
READ MORE
Share This: New Resources for Businesses on Payment Data Security Essentials
Posted by
Laura K. Gray
on
28 Mar, 2018
in
Small Business
and
Breaches
and
Infographic
and
Patching
and
Passwords
and
QIR
and
Small Merchant Resources
and
Multi-Factor Authentication
and
Remote Access
and
Video
New Payment Data Security Essentials video and infographics series aims to educate businesses on t...
READ MORE
Q&A with Community Meeting Speaker Steve Marshall
Posted by
Lindsay Goodspeed
on
22 Mar, 2018
in
PCI Forensic Investigator (PFI)
and
Community Meetings
and
Interview
and
BAU
and
MEAF
and
QSA
and
APAC
Community Meetings are hosted by the PCI Security Standards Council in locations around the world.
READ MORE
Video: PCI SSC Updates Training and Certification Program for Integrators and Resellers
Posted by
Laura K. Gray
on
21 Mar, 2018
in
Breaches
and
Patching
and
Passwords
and
Certification
and
Interview
and
QIR
and
Remote Access
and
Video
Watch this video with PCI SSC’s Chief Operating Officer on how training integrators and resellers ...
READ MORE
The QIR Program is Changing: Here’s What You Need to Know
Posted by
Lindsay Goodspeed
on
14 Mar, 2018
in
Patching
and
Passwords
and
Interview
and
QIR
and
Remote Access
The PCI SSC continually listens to feedback and adapts its standards and programs to meet evolving n...
READ MORE
Webinar: SSL and Early TLS Migration: Preparing for 30 June Deadline
Posted by
Laura K. Gray
on
9 Mar, 2018
in
Awareness
and
TLS/SSL
and
PCI DSS
and
Encryption
and
Educational Resource
and
Webinar
30 June 2018 is the deadline for disabling Secure Sockets Layer/early Transport Layer Security (SSL/...
READ MORE
Request for Comments: PCI Software Security Standard Framework
Posted by
PCI Security Standards Council
on
6 Mar, 2018
in
Software
and
Apps
and
PA-DSS
and
Participation
and
Request for Comments
and
Software Security Framework
From 6 March to 6 April, PCI SSC stakeholders have the opportunity to review and provide feedback ...
READ MORE
PCI Software-based PIN Entry on COTS: Understanding New Test Requirements
Posted by
Laura K. Gray
on
26 Feb, 2018
in
Software
and
Apps
and
Interview
and
PTS POI
and
Mobile
and
SPoC
Test Requirements are now available for the recently announced PCI Security Standard for software-ba...
READ MORE
Resource Guide: Migrating from SSL and Early TLS
Posted by
Laura K. Gray
on
14 Feb, 2018
in
Awareness
and
TLS/SSL
and
PCI DSS
and
Encryption
and
Educational Resource
and
Resource Guide
Is your organization still using Secure Sockets Layer (SSL)/early Transport Layer Security (TLS) pro...
READ MORE
PCI Council Supports Data Privacy Day with Free Training
Posted by
Lindsay Goodspeed
on
25 Jan, 2018
in
Training
and
Patching
and
Passwords
and
Awareness
and
QIR
and
Data Privacy Day
and
Remote Access
In support of Data Privacy Day, we’re offering FREE PCI Awareness training to the first 1,000 people...
READ MORE
New PCI Software-Based PIN Entry on COTS Standard
Posted by
Laura K. Gray
on
24 Jan, 2018
in
Software
and
Apps
and
Interview
and
Mobile
and
SPoC
The PCI SSC has announced a new PCI Security Standard for software-based PIN entry on commercial off...
READ MORE
Now Accepting Applications for New Associate QSA Program
Posted by
Laura K. Gray
on
18 Jan, 2018
in
QSA
As cybercriminals continue to target payments, cybersecurity skills are critically important to help...
READ MORE
PCI Training for Merchants: Which Course is Right for You?
Posted by
Laura K. Gray
on
3 Jan, 2018
in
Training
and
Awareness
and
Certification
and
PCI Professional
People are a critical part of keeping payment data safe and secure.
READ MORE
Changes Coming to the QIR Program
Posted by
Lindsay Goodspeed
on
21 Dec, 2017
in
Patching
and
Passwords
and
Interview
and
QIR
and
Remote Access
The PCI Security Standards Council (PCI SSC) is planning to restructure the Qualified Integrator and...
READ MORE
Coming Soon: New PCI Software PIN-Entry on COTS Standard
Posted by
Laura K. Gray
on
19 Dec, 2017
in
Software
and
Apps
and
Interview
and
Mobile
and
SPoC
The PCI Security Standards Council (PCI SSC) has been working with industry stakeholders to develop ...
READ MORE
<
0
1
2
>
Get the latest articles right in your inbox
Subscribe Here
CATEGORIES
3DS
(8)
Acquirers
(3)
APAC
(5)
Approved Scanning Vendors
(2)
Apps
(24)
Assessors
(5)
ATM Security
(6)
Awareness
(36)
BAU
(10)
Board of Advisors
(19)
Brazil
(14)
Breaches
(19)
Card Production
(2)
Card Production Standard
(1)
Case Study
(14)
Certification
(8)
Cloud Security
(4)
Community Meetings
(56)
Compliance
(8)
Contactless
(10)
COVID-19
(15)
CPSA Program
(1)
Cyber Security Awareness Month
(7)
Data Privacy Day
(2)
eCommerce
(17)
Educational Resource
(11)
Encryption
(13)
Events
(4)
FAQ
(9)
Firewalls
(5)
GEAR
(1)
Guidance
(22)
Hackers
(16)
Holidays
(14)
India
(3)
Infographic
(12)
Internal Security Assessor (ISA)
(3)
Interview
(145)
IoT
(2)
Key Blocks
(5)
Malware
(12)
MEAF
(3)
Middle East
(2)
Mobile
(24)
Multi-Factor Authentication
(19)
NESA
(1)
PA-DSS
(21)
Participating Organizations
(3)
Participation
(66)
Passwords
(30)
Patching
(28)
PCI DSS
(77)
PCI DSS v4.0
(15)
PCI Forensic Investigator (PFI)
(5)
PCI Professional
(3)
PCI SSC
(44)
PCIP
(1)
Penetration Testing
(2)
Phishing
(11)
PIN Assessments
(2)
PIN Security Standard
(11)
Point of Sale (POS)
(5)
Point to Point Encryption (P2PE)
(28)
Prioritized Approach
(1)
PTS HSM
(1)
PTS POI
(13)
QIR
(24)
QPA
(3)
QSA
(28)
Ransomware
(3)
Regional Engagement Board
(14)
Remote Access
(31)
Request for Comments
(30)
Resource Guide
(13)
Scoping
(4)
Segmentation
(2)
SIGs
(20)
Skimming
(6)
Small Business
(59)
Small Merchant Resources
(42)
SMB Series
(19)
Software
(43)
Software Security Framework
(24)
SPoC
(16)
Strategic Framework
(6)
Third Party Risk
(7)
TLS/SSL
(25)
Training
(31)
Validated Payment Applications
(1)
Vendors
(6)
Video
(6)
Webinar
(1)
Welcome
(1)
Women in Payments
(17)
More
MOST READ
MUST READ
MOST READ
MUST READ