PCI Perspectives

Paving the way: Inspiring Women in Payments - A podcast featuring Natasja Bolton

Posted by Alicia Malone on 4 Mar, 2021 in Interview and PCI SSC and Women in Payments

With more than 20 years in the technology industry, Natasja Bolton’s experience has largely been a... READ MORE

PCI DSS v4.0 Timeline Updated to Support an Additional RFC

Posted by Lindsay Goodspeed on 26 Feb, 2021 in PCI DSS and Request for Comments and PCI DSS v4.0

Industry feedback is fundamental to the evolution of the PCI Data Security Standard (PCI DSS). Bec... READ MORE

Paving the way: Inspiring Women in Payments - A Q&A featuring Jen Stone

Posted by Alicia Malone on 22 Feb, 2021 in Interview and PCI SSC and Women in Payments

She was a single mom with three kids in daycare, no child support, and a job as an executive assis... READ MORE

PCI Secure SLC Program Expands Vendor Eligibility with Version 1.1

Posted by Alicia Malone on 18 Feb, 2021 in Software and Training and Awareness and Vendors and PA-DSS and Software Security Framework

Today, the PCI Security Standards Council (PCI SSC) published version 1.1 of the PCI Secure Software... READ MORE

Paving the way: Inspiring Women in Payments - A podcast featuring Angel Grant

Posted by Alicia Malone on 10 Feb, 2021 in Interview and PCI SSC and Women in Payments

When she’s not perfecting her lock-picking skills, Angel Grant is busy building a diverse team who... READ MORE

Request for Comments: PTS HSM Security Requirements v4.0

Posted by Lindsay Goodspeed on 9 Feb, 2021 in Participation and Request for Comments and PTS HSM

PTS Vendors who are Participating Organizations and PCI Recognized labs are invited to review and ... READ MORE

Paving the way: Inspiring Women in Payments - A Q&A featuring Sheryl Benedict

Posted by Alicia Malone on 29 Jan, 2021 in Interview and PCI SSC and Women in Payments

After seeing the 1983 film WarGames as a child, Sheryl Benedict became fascinated by computer tech... READ MORE

PCI SSC Executive Director Discusses New Board and 2021 Priorities

Posted by Lance J. Johnson on 28 Jan, 2021 in Awareness and Interview and PCI DSS and Board of Advisors and Participation and Mobile and Software Security Framework and PCI DSS v4.0

With the start of a new year, PCI SSC Executive Director Lance Johnson welcomes the new 2021-2022 Bo... READ MORE

PCI SSC Announces 2021 Special Interest Group Election Results

Posted by Alicia Malone on 27 Jan, 2021 in Guidance and SIGs and Participation

Following its annual Special Interest Group (SIG) election process, the PCI Security Standards Cou... READ MORE

Paving the way: Inspiring Women in Payments - A podcast featuring Nicole Braun

Posted by Alicia Malone on 20 Jan, 2021 in Interview and PCI SSC and Women in Payments

At times, Nicole Braun was the only female Qualified Security Assessor (QSA) in the entire country... READ MORE

Request for Comments: SPoC Unsupported Operating Systems Annex

Posted by Alicia Malone on 6 Jan, 2021 in Participation and Mobile and Request for Comments and SPoC and PIN Security Standard

From 6 January 2021 to 4 February 2021, PCI SSC stakeholders can participate in a Request for Comm... READ MORE

A Q&A with Gill Woodcock, VP, Global Head of Programs

Posted by Alicia Malone on 8 Dec, 2020 in Interview and PCI SSC and Women in Payments

After more than 10 years at PCI Security Standards Council (PCI SSC), Gill Woodcock, VP, Global He... READ MORE

Vote Now for 2021 Special Interest Group Projects

Posted by Alicia Malone on 23 Nov, 2020 in Guidance and SIGs and Participation

From now through 21 December 2020, PCI SSC Participating Organizations are invited to vote on prop... READ MORE

SAFECode and PCI SSC Discuss the Evolution of Secure Software

Posted by Alicia Malone on 20 Nov, 2020 in Software and Guidance and Awareness and Interview and PCI DSS and PA-DSS and PCI SSC and Third Party Risk and Software Security Framework

When the PCI Security Standards Council (PCI SSC) developed its Software Security Framework (SSF) a ... READ MORE

Payment Security in India: 2020 India Forum

Posted by Mark Meissner on 19 Nov, 2020 in Small Business and PCI Forensic Investigator (PFI) and eCommerce and Breaches and Training and Events and Awareness and Interview and Board of Advisors and PCI SSC and QSA and Participation and India

As Associate Director for India, Nitin Bhatnagar is responsible for driving awareness and adoption o... READ MORE

How to Successfully Transition Software from PA-DSS to the PCI Secure Software Standard

Posted by Alicia Malone on 11 Nov, 2020 in Software and Training and Acquirers and Vendors and Interview and PA-DSS and QSA and Software Security Framework

On 28 October 2022, the Payment Application Data Security Standard (PA-DSS) program will officially ... READ MORE

A Message from PCI SSC Executive Director Lance Johnson: Vote for the 2021-2022 Board of Advisors

Posted by Lance J. Johnson on 9 Nov, 2020 in Board of Advisors and Participation

Every two years we ask PCI SSC Participating Organizations to nominate candidates and then vote to e... READ MORE

Request for Comments: PCI Card Production v3 Draft Standard

Posted by Lindsay Goodspeed on 6 Nov, 2020 in Participation and Request for Comments and Card Production

From 2 November to 1 December 2020, PCI SSC stakeholders can participate in a Request for Comments... READ MORE

Women in Payments: Q&A with Gina Gobeyn

Posted by Alicia Malone on 3 Nov, 2020 in Interview and PCI SSC and Women in Payments

From businesswoman to cybersecurity chief, Gina Gobeyn took a nontraditional route to the payments... READ MORE

Making a Difference: Global Payments

Posted by Alicia Malone on 22 Oct, 2020 in Interview and Board of Advisors and Participation and COVID-19

The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next... READ MORE

Beware of Account Testing Attacks

Posted by Mark Meissner on 21 Oct, 2020 in Breaches and Patching and Passwords and PCI DSS and PCI DSS v4.0

PCI SSC's Troy Leach and NCFTA's Matt LaVigna share guidance and information on protecting against A... READ MORE

Making a Difference: Accor

Posted by Alicia Malone on 20 Oct, 2020 in Interview and Board of Advisors and Participation and COVID-19

The PCI Security Standards Council (PCI SSC) recently announced the nomination period for the next... READ MORE

Beware of ATM Cash-Outs

Posted by Mark Meissner on 7 Oct, 2020 in Breaches and Patching and Passwords and Malware and Hackers and Skimming and Phishing and Awareness and PCI DSS and Penetration Testing and Multi-Factor Authentication and Remote Access and PCI DSS v4.0

PCI SSC and ATMIA share guidance and information on protecting against ATM Cash-outs. READ MORE

Women in Payments: Q&A with Diana Greenhaw

Posted by Alicia Malone on 6 Oct, 2020 in Interview and PCI SSC and Women in Payments

Protecting data is everyone’s responsibility, according to Diana Greenhaw who followed a nontradit... READ MORE

PCI PIN Security in Practice Case Study: First Tech

Posted by Lindsay Goodspeed on 1 Oct, 2020 in Case Study and Brazil and Regional Engagement Board and PIN Security Standard

In this PCI PIN Security Requirements in Practice Case Study, Brazil Regional Engagement Board Mem... READ MORE

The Value of the PCI Secure Software Lifecycle Standard for Software Vendors

Posted by Alicia Malone on 30 Sep, 2020 in Software and Training and Vendors and PA-DSS and Software Security Framework

The PCI Secure Software Lifecycle (Secure SLC) Standard is part of the PCI Software Security Framewo... READ MORE

What to Know Before Participating in a PCI SSC RFC

Posted by Lindsay Goodspeed on 29 Sep, 2020 in PCI DSS and Participation and Request for Comments and Resource Guide and PCI DSS v4.0

The PCI SSC Request for Comments (RFC) process is an avenue for PCI SSC stakeholders to provide fe... READ MORE

Request for Comments: PCI DSS Version 4.0 Draft Standard

Posted by Lindsay Goodspeed on 23 Sep, 2020 in PCI DSS and Participation and Request for Comments and PCI DSS v4.0

From 23 September to 13 November 2020, PCI SSC stakeholders can participate in a Request for Comme... READ MORE

PCI PIN Security in Practice Case Study: Gertec

Posted by Lindsay Goodspeed on 21 Sep, 2020 in Case Study and Brazil and Regional Engagement Board and PIN Security Standard

In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member Gertec shares how ... READ MORE

PCI DSS in Practice Case Study: PicPay

Posted by Lindsay Goodspeed on 16 Sep, 2020 in PCI DSS and Case Study and Brazil and Regional Engagement Board

In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member PicPay shares how ... READ MORE

PCI SSC to Host its 2020 Community Meetings Online as Virtual Events

Posted by Alicia Malone on 15 Sep, 2020 in Events and Community Meetings and Interview and PCI SSC and Participation and Remote Access

In an unprecedented year, PCI Security Standards Council (PCI SSC) will host its 2020 Community Me... READ MORE

Benefits of Becoming a Participating Organization

Posted by Jeremy King on 14 Sep, 2020 in Training and Community Meetings and SIGs and Board of Advisors and Participation and Participating Organizations

It is great that your organization takes securing payment data seriously. Now is the time to take ... READ MORE

NIST and PCI SSC Find Common Ground in Development of Software Frameworks

Posted by Alicia Malone on 10 Sep, 2020 in Software and Guidance and Awareness and Interview and PCI DSS and PA-DSS and PCI SSC and Software Security Framework

The National Institute of Standards and Technology (NIST) and the PCI Security Standards Council (PC... READ MORE

Women in Payments: Q&A with Julie Krueger

Posted by Alicia Malone on 8 Sep, 2020 in Interview and PCI SSC and Women in Payments

When Julie Krueger graduated from college 35 years ago, only five percent of her electrical engine... READ MORE

Registration Now Open for Software Security Framework New Assessor Training

Posted by Alicia Malone on 3 Sep, 2020 in Software and Training and Software Security Framework and Assessors

Registration is now open for Software Security Framework (SSF) New Assessor Training. PCI Security S... READ MORE

PCI DSS in Practice Case Study: CSU

Posted by Lindsay Goodspeed on 2 Sep, 2020 in PCI DSS and Case Study and Brazil and Regional Engagement Board

In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member CSU Cardsystem S.A... READ MORE

PCI DSS in Practice Case Study: Cielo

Posted by Lindsay Goodspeed on 26 Aug, 2020 in PCI DSS and Case Study and Brazil and Regional Engagement Board

In this PCI DSS in Practice Case Study, Brazil Regional Engagement Board Member Cielo shares the c... READ MORE

Make a Difference: Serve on the 2021-2022 PCI SSC Board of Advisors

Posted by Alicia Malone on 18 Aug, 2020 in Interview and Board of Advisors and Participation and FAQ

Every two years, PCI Security Standards Council asks its Participating Organizations to elect its ne... READ MORE

PCI SSC Offers Informational Training via New eLearning Platform

Posted by Alicia Malone on 13 Aug, 2020 in Training and Certification and Interview

PCI Security Standards Council (PCI SSC) has adopted a new eLearning platform to move all informat... READ MORE

Women in Payments: Q&A with Robin Trickel

Posted by Alicia Malone on 12 Aug, 2020 in Interview and PCI SSC and Women in Payments

Companies achieve more when a variety of perspectives are represented at the table. In this month’... READ MORE

What's Next for PCI SSC Mobile Payments Security Standards?

Posted by Ralph Spencer Poore on 31 Jul, 2020 in Mobile and SPoC and Contactless

PCI SSC has published Software-based PIN-entry on COTS (SPoC)™ v1.1, Contactless Payments on COTS ... READ MORE

A View into Feedback from the PCI DSS v4.0 RFC

Posted by Lauren Holloway on 29 Jul, 2020 in PCI DSS and Participation and Request for Comments and Participating Organizations and PCI DSS v4.0

PCI SSC recently concluded the review of over 3,000 comments submitted for the first PCI DSS v4.0 ... READ MORE

Women in Payments: Q&A with Lisa Conroy

Posted by Alicia Malone on 14 Jul, 2020 in Interview and PCI SSC and Women in Payments

Though she didn’t initially set out to prevent crime, when Lisa Conroy was first involved in data se... READ MORE

What’s New in PCI SPoC Security Standard Version 1.1?

Posted by Alicia Malone on 25 Jun, 2020 in Software and Apps and Interview and PTS POI and Mobile and SPoC and Contactless

Today, the PCI SSC published a minor revision to the PCI SPoC Security Standard. Version 1.1 of th... READ MORE

Just Updated: PTS POI Standard

Posted by Lindsay Goodspeed on 16 Jun, 2020 in Software and PTS POI and Mobile and Remote Access

Today, PCI SSC has published PCI PIN Transaction Security (PTS) Point-of-Interaction (POI) Modular... READ MORE

What to Know About the Approved Scanning Vendor Program

Posted by Lindsay Goodspeed on 10 Jun, 2020 in Training and Awareness and Interview and PCI SSC

New vulnerabilities, security holes and bugs are being discovered daily. It is vital to have Inter... READ MORE

We Are All in This Together: Responding to the COVID-19 Pandemic

Posted by Alicia Malone on 4 Jun, 2020 in Guidance and Training and Phishing and Awareness and Interview and Multi-Factor Authentication and Remote Access and Video and COVID-19

Global representatives of the PCI Security Standards Council recently came together, via a virtual... READ MORE

Women in Payments: Q&A with Diane Rogerson

Posted by Alicia Malone on 2 Jun, 2020 in Interview and PCI SSC and Women in Payments

Diane Rogerson didn’t choose a career in cybersecurity; rather, it chose her. In this month’s blog s... READ MORE

PCI DSS v4.0: Anticipated Timelines and Latest Updates

Posted by Lindsay Goodspeed on 29 May, 2020 in PCI DSS and PCI SSC and QSA and Participation and PCI DSS v4.0

Industry feedback, together with the changes in payments, technology, and security, is driving our... READ MORE

Request for Comments: PIN v3.1 Standard Draft

Posted by Lindsay Goodspeed on 29 May, 2020 in Participation and Request for Comments and PIN Security Standard

From 29 May 2020 to 30 June 2020, PCI SSC stakeholders can participate in a Request for Comments (... READ MORE

Request for Comments: Secure Software Standard Update: Draft Terminal Software Module

Posted by Alicia Malone on 21 May, 2020 in Software and PA-DSS and QSA and Participation and Request for Comments and Software Security Framework

From 21 May to 22 June 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC) ... READ MORE

2020 – 2022 Global Executive Assessor Roundtable

Posted by Alicia Malone on 19 May, 2020 in Awareness and Interview and Participation and GEAR

In 2018, PCI Security Standards Council established its first Global Executive Assessor Roundtable (... READ MORE

Women in Payments: Q&A with Julie Quandt

Posted by Alicia Malone on 5 May, 2020 in Interview and PCI SSC and Women in Payments

Julie Quandt used to be the only woman in the room at her corporate meetings. In this month’s Women ... READ MORE

Beware of Online Skimming Threats During the COVID-19 Crisis

Posted by Mark Meissner on 4 May, 2020 in eCommerce and Breaches and Guidance and Patching and Passwords and Malware and Hackers and Skimming and Awareness and Interview and PCI DSS and Multi-Factor Authentication and PCI SSC and COVID-19

PCI SSC and the U.S. Chamber of Commerce shares guidance and information on protecting against onlin... READ MORE

Maintaining POS Device Security and Cleanliness

Posted by Emma Sutcliffe on 30 Apr, 2020 in Point of Sale (POS) and COVID-19

With the global spread of COVID-19, awareness about the potential risks associated with touching pub... READ MORE

Additional Remote Assessment Considerations During COVID-19

Posted by Emma Sutcliffe on 28 Apr, 2020 in PCI SSC and QSA and Remote Access and COVID-19

PCI SSC recognizes that in the current exceptional circumstances relating to COVID-19, entities are ... READ MORE

Updated Guidance: Responding to a Data Breach

Posted by Gill Woodcock on 22 Apr, 2020 in PCI Forensic Investigator (PFI) and Training and Certification and Resource Guide

PCI Security Standards Council recently updated the guidance document: Responding to a Cardholder Da... READ MORE

8 Tips for Small Merchants: Protecting Payment Data During COVID-19

Posted by Lindsay Goodspeed on 21 Apr, 2020 in Small Business and Patching and Passwords and Small Merchant Resources and SMB Series and Remote Access and Resource Guide and COVID-19

The COVID-19 pandemic is quickly changing how many small merchants accept payments. Merchants that... READ MORE

7 Common Questions about CPEs During COVID-19

Posted by Lindsay Goodspeed on 17 Apr, 2020 in Point to Point Encryption (P2PE) and Training and QSA and FAQ and COVID-19

Continuing professional education is an important component of PCI SSC Qualification. Staying up to ... READ MORE

Women in Payments: Q&A with Tracey Long

Posted by Alicia Malone on 7 Apr, 2020 in Interview and PCI SSC and Women in Payments

After 10 years on the police force, Tracey Long knew a thing or two about fraud. In this month’s blo... READ MORE

How the PCI DSS Can Help Remote Workers

Posted by Emma Sutcliffe on 26 Mar, 2020 in Patching and Passwords and Firewalls and Awareness and PCI DSS and Multi-Factor Authentication and Remote Access and COVID-19

PCI SSC shares guidance for protecting payment data and how to work securely when connecting and wor... READ MORE

Beware of COVID-19 Online Scams and Threats

Posted by Troy Leach on 25 Mar, 2020 in Patching and Passwords and Firewalls and Hackers and Phishing and Awareness and PCI DSS and Multi-Factor Authentication and Remote Access and COVID-19

PCI SSC shares guidance on protecting against COVID-19 scams and threats. READ MORE

Protecting Payments While Working Remotely

Posted by Lindsay Goodspeed on 23 Mar, 2020 in SIGs and BAU and Remote Access and COVID-19

PCI SSC is dedicated to providing necessary guidance to the payments industry during evolving circum... READ MORE

Women in Payments: Q&A with Marie-Christine Vittet

Posted by Alicia Malone on 17 Mar, 2020 in Interview and PCI SSC and Women in Payments

For Marie-Christine Vittet, cybersecurity is more than a job, it’s a way of life. In this month’s bl... READ MORE

Important Training Schedule Update: Instructor-Led Trainings (ILT) Canceled

Posted by Alicia Malone on 16 Mar, 2020 in Point to Point Encryption (P2PE) and Training and Awareness and QSA and COVID-19

Updated 29 June 2020 With the primary concern continuing to be for the safety of everyone involved, ... READ MORE

How Industry Feedback is Shaping the Future of PCI DSS

Posted by Lance J. Johnson on 12 Mar, 2020 in PCI DSS and Participation and Request for Comments and Strategic Framework and Participating Organizations and PCI DSS v4.0

The Council recently conducted its most successful Request for Comment (RFC) ever - on the initial d... READ MORE

Remote Assessments and the Coronavirus

Posted by Troy Leach on 11 Mar, 2020 in QSA and PIN Assessments and COVID-19

Troy Leach, Senior Vice President, Engagement Officer, PCI SSC, discusses guidance for performing as... READ MORE

Expiration Date Extended for PTS POI v.3 Devices

Posted by Lindsay Goodspeed on 10 Mar, 2020 in Awareness and Compliance and PTS POI and COVID-19

Due to supply-chain disruptions related to the coronavirus, the PCI Council has extended the expir... READ MORE

Request for Comments: Software-based PIN Entry on COTS Standard v1.1

Posted by Lindsay Goodspeed on 5 Mar, 2020 in PTS POI and Participation and Request for Comments and SPoC and Contactless and QPA

From 2 March to 14 April 2020, PCI SSC stakeholders can participate in a Request for Comments (RFC... READ MORE

PCI SSC Statement on COVID-19

Posted by Lance J. Johnson on 4 Mar, 2020 in Awareness and COVID-19

PCI SSC is aware of the unprecedented situation caused by the spread of COVID-19. As circumstances e... READ MORE

New Guidance: PCI DSS for Large Organizations

Posted by Lindsay Goodspeed on 20 Feb, 2020 in PCI DSS and Compliance and SIGs and BAU and Resource Guide

PCI Security Standards Council has published a new Information Supplement: PCI DSS for Large Organiz... READ MORE

Women in Payments: Q&A with Amy Zirkle

Posted by Mark Meissner on 6 Feb, 2020 in Interview and PCI SSC and Women in Payments

We at the PCI Security Standards Council believe strongly that there is a need for more women in cyb... READ MORE

PCI SSC in Brazil: New Regional Engagement Board for 2020

Posted by Lindsay Goodspeed on 29 Jan, 2020 in Participation and Brazil and Regional Engagement Board

PCI SSC has announced a newly expanded Brazil Regional Engagement Board. Here we talk with PCI SSC... READ MORE

Request for Comments: PCI PTS Point of Interaction (POI) v6

Posted by Lindsay Goodspeed on 28 Jan, 2020 in PTS POI and QSA and Participation and Request for Comments and QPA

From 24 January to 24 February 2020, PCI SSC stakeholders can participate in a Request for Comment... READ MORE

How Industry Collaboration Created a Unified PIN Standard

Posted by Mark Meissner on 20 Jan, 2020 in Interview and PIN Assessments

On the blog we discuss a joint collaboration between PCI SSC and ASC X9 to create a unified PIN stan... READ MORE

Online Skimming and Payment Security

Posted by Mark Meissner on 9 Jan, 2020 in eCommerce and Breaches and Guidance and Patching and Hackers and Awareness and Interview and PCI DSS and Multi-Factor Authentication and PCI SSC

On the blog, we cover basic questions with Christopher D. Roberti, Senior Vice President for Cyber, ... READ MORE

Women in Payments: Q&A with Stacy Hughes

Posted by Mark Meissner on 6 Jan, 2020 in Interview and PCI SSC and Women in Payments

We at the PCI Security Standards Council believe strongly that there is a need for more women in cyb... READ MORE

Increasing Industry Participation and Knowledge

Posted by Laura K. Gray on 18 Dec, 2019 in Interview and PCI SSC and Participation and Strategic Framework

Increasing industry participation and knowledge is a core pillar in the PCI Security Standards Counc... READ MORE

P2PE v3.0: What Merchants Need to Know

Posted by Lindsay Goodspeed on 12 Dec, 2019 in Point to Point Encryption (P2PE)

The updates to the P2PE Standard and supporting program is part of the Council’s mission to evolve s... READ MORE

P2PE v3.0: What Vendors and Assessors Need to Know

Posted by Lindsay Goodspeed on 12 Dec, 2019 in Point to Point Encryption (P2PE) and Interview

The updates to the P2PE Standard and supporting program are part of the Council’s mission to evolve ... READ MORE

Increasing Standards Alignment and Consistency

Posted by Laura K. Gray on 11 Dec, 2019 in Interview and PCI SSC and Participation and Strategic Framework

Increasing standards alignment and consistency is a core pillar in the PCI Security Standards Counci... READ MORE

Be Alert this Holiday Season: Payment Security Tips for Businesses

Posted by Mark Meissner on 5 Dec, 2019 in Small Business and Small Merchant Resources and Educational Resource

On this blog we explore the challenges around security of payment data during the hectic holiday sea... READ MORE

Just Published: PCI Contactless Payments on COTS

Posted by Laura K. Gray on 4 Dec, 2019 in Mobile and Contactless

The PCI Security Standards Council (PCI SSC) has published a new data security standard for solution... READ MORE

Securing Emerging Payment Channels

Posted by Laura K. Gray on 3 Dec, 2019 in Interview and PCI SSC and Participation and Strategic Framework

Securing emerging payment channels is a core pillar in the PCI Security Standards Council’s (PCI SSC... READ MORE

ISA in Practice Case Study: TIVIT

Posted by Laura K. Gray on 21 Nov, 2019 in Training and Case Study and Internal Security Assessor (ISA) and Brazil and Regional Engagement Board

To better serve its customers in the payment card industry and support their PCI Data Security Sta... READ MORE

Evolving PCI Standards and Validation

Posted by Laura K. Gray on 20 Nov, 2019 in Interview and PCI SSC and Participation and Strategic Framework

Evolving PCI Standards and Validation is a core pillar in the PCI Security Standards Council’s strat... READ MORE

ISA in Practice Case Study: Braspag

Posted by Laura K. Gray on 14 Nov, 2019 in Training and Case Study and Internal Security Assessor (ISA) and Brazil and Regional Engagement Board

Driven by a need to improve internal security controls, help improve the company’s interactions wi... READ MORE

Vote Now for 2020 Special Interest Group Projects

Posted by Lindsay Goodspeed on 11 Nov, 2019 in Guidance and SIGs and Participation

From now through 25 November PCI SSC Participating Organizations are invited to vote on proposals ... READ MORE

PCI DSS in Practice Case Study: FIS

Posted by Laura K. Gray on 7 Nov, 2019 in PCI DSS and Case Study and Brazil and Regional Engagement Board

FIS faced the challenge of coordinating several simultaneous assessments across its organization a... READ MORE

Key Blocks 104

Posted by Mark Meissner on 4 Nov, 2019 in Point to Point Encryption (P2PE) and Encryption and PIN Security Standard and Key Blocks

The PCI PIN Standard requires implementation of Key Blocks. On this blog, the fourth of the series, ... READ MORE

Participation Opportunity: 2020-2021 Brazil Regional Engagement Board

Posted by Laura K. Gray on 1 Nov, 2019 in PCI DSS and Participation and Brazil and Regional Engagement Board

From 1-29 November 2019, the PCI Security Standards Council (PCI SSC) is accepting nominations from ... READ MORE

What to Know about PCIP Requalification

Posted by Elizabeth Terry on 30 Oct, 2019 in Training and Awareness and Certification and Participation and PCIP

The Payment Card Industry Professional (PCIP) is an individual, entry-level qualification in payme... READ MORE

Request for Comments: PCI DSS Version 4.0

Posted by Laura K. Gray on 28 Oct, 2019 in PCI DSS and Request for Comments and PCI DSS v4.0

From 28 October to 13 December 2019, PCI SSC stakeholders can participate in a Request for Comment... READ MORE

Coming Soon: New Contactless Standard

Posted by Laura K. Gray on 23 Oct, 2019 in Community Meetings and Interview and PTS POI and Mobile and Contactless

In December, PCI SSC plans to publish a new standard for solutions that enable “tap and go” transa... READ MORE

How the Council is Evolving to Secure the Future of Payments

Posted by Lindsay Goodspeed on 22 Oct, 2019 in Community Meetings and Interview and PCI DSS and PCI DSS v4.0

In his presentation at the 2019 PCI Community Meeting this week in Dublin, Chief Technology Officer ... READ MORE

Resource Guide: Transitioning from PA-DSS to the Software Security Framework

Posted by Laura K. Gray on 21 Oct, 2019 in Apps and Community Meetings and PA-DSS and Resource Guide and Software Security Framework

The PCI Security Standards Council (PCI SSC) has published a resource guide with key information t... READ MORE

PCI DSS in Practice Case Study: Braspag

Posted by Laura K. Gray on 17 Oct, 2019 in PCI DSS and Case Study and Brazil and Regional Engagement Board

Braspag was challenged with managing the costs involved with implementing and maintaining the PCI ... READ MORE

PCI DSS in Practice Case Study: Decolar

Posted by Laura K. Gray on 10 Oct, 2019 in PCI DSS and Cloud Security and Case Study and Brazil and Regional Engagement Board

Decolar needed to ensure that PCI Data Security Standard (PCI DSS) controls were being maintained ... READ MORE

New Assessor Opportunity: PCI Software Security Framework

Posted by Laura K. Gray on 2 Oct, 2019 in QSA and Software Security Framework and Assessors

PCI SSC has launched a new assessor qualification program to support the PCI Software Security Fra... READ MORE

3 Things to Know About P2PE v3.0

Posted by Lindsay Goodspeed on 19 Sep, 2019 in Point to Point Encryption (P2PE) and Community Meetings

The PCI P2PE Standard provides a comprehensive set of security requirements for validation of P2PE s... READ MORE

5 Questions About PCI DSS v4.0

Posted by Laura K. Gray on 18 Sep, 2019 in Community Meetings and PCI DSS and Request for Comments and PCI DSS v4.0

In this interview with the Council’s Global Head of Standards, Emma Sutcliffe, we address key questi... READ MORE

Executive Director Q&A: PCI SSC Strategic Framework

Posted by Laura K. Gray on 17 Sep, 2019 in Community Meetings and Interview and PCI SSC and Participation and Strategic Framework

In his keynote presentation at the 2019 PCI Community Meeting this week in Vancouver, Executive Dire... READ MORE

Understanding the PCI Software Security Framework: New Educational Resources

Posted by Laura K. Gray on 16 Sep, 2019 in Apps and PA-DSS and Resource Guide and Software Security Framework

Ahead of the North America Community Meeting this week in Vancouver, PCI SSC has published new educ... READ MORE

Closing the Gender Gap in Payment Security

Posted by Mark Meissner on 30 Aug, 2019 in Interview and PCI SSC

September 1, 2019 is International Women in Cyber Day. On the blog, we profile Emma Sutcliffe, Head... READ MORE

Key Blocks 103

Posted by Mark Meissner on 27 Aug, 2019 in Point to Point Encryption (P2PE) and Encryption and PIN Security Standard and Key Blocks

The PCI PIN Standard requires implementation of Key Blocks. On the blog, the third of the series, w... READ MORE

Regional Update: PCI Latin America Forum in Brazil

Posted by Laura K. Gray on 16 Aug, 2019 in Interview and Participation and Brazil and Regional Engagement Board

The PCI SSC Latin America Forum took place this week in São Paulo, Brazil, gathering more than 350 p... READ MORE

Key Blocks 102

Posted by Mark Meissner on 15 Aug, 2019 in Encryption and PIN Security Standard and Key Blocks

The PCI PIN Standard requires implementation of Key Blocks. On the blog, we cover basic questions a... READ MORE

3 Things to Know about PCI DSS v4.0 Development

Posted by Laura K. Gray on 5 Aug, 2019 in PCI DSS and Request for Comments and PCI DSS v4.0

PCI SSC stakeholders play an important role in the ongoing evolution of the PCI Data Security Standa... READ MORE

The Threat of Online Skimming to Payment Security

Posted by Mark Meissner on 1 Aug, 2019 in eCommerce and Breaches and Guidance and Patching and Hackers and Phishing and Awareness and PCI DSS and Multi-Factor Authentication and PCI SSC

How the emerging threat of online skimming presents a great threat to the payment security community... READ MORE

Information Supplement: Best Practices for Maintaining PCI DSS Compliance

Posted by Lindsay Goodspeed on 31 Jul, 2019 in PCI DSS and Compliance and SIGs and BAU and Resource Guide

Information Supplement: Best Practices for Maintaining PCI DSS Compliance provides updated guidance ... READ MORE

5 Common Questions About Continuing Professional Education Credits

Posted by Elizabeth Terry on 25 Jul, 2019 in Point to Point Encryption (P2PE) and Training and QSA and FAQ

Continuing professional education is an important component of PCI SSC Qualification. Staying up to ... READ MORE

Request for Comments: Contactless Payments on COTS Standard

Posted by Laura K. Gray on 22 Jul, 2019 in Mobile and Request for Comments and Contactless

From 22 July to 20 August 2019, PCI SSC stakeholders can participate in a Request for Comments (RFC)... READ MORE

PCI Software Security Framework FAQS: PA-DSS Impact and Transition

Posted by Laura K. Gray on 19 Jul, 2019 in Software and PA-DSS and FAQ and Software Security Framework

New FAQs address key questions on the transition from PA-DSS to the PCI Software Security Framework. READ MORE

NIST Mapping

Posted by Mark Meissner on 17 Jul, 2019 in Infographic and Guidance and PCI DSS

Mapping PCI DSS v. 3.2.1 to the NIST Cybersecurity Framework v. 1.1 How meeting PCI DSS requiremen... READ MORE

FAQ: Can organizations use alternative password management methods to meet PCI DSS Requirement 8?

Posted by Lindsay Goodspeed on 11 Jul, 2019 in Passwords and PCI DSS and Multi-Factor Authentication and FAQ

Did you know that the Frequently Asked Questions (FAQ) resource on the PCI SSC website is updated re... READ MORE

Key Blocks 101

Posted by Mark Meissner on 9 Jul, 2019 in Encryption and PIN Security Standard and Key Blocks

The PCI PIN Security Requirements and Testing Procedures (PCI PIN Security Standard) require impleme... READ MORE

New Software Security Framework Programs: Timeline & Key Milestones

Posted by Laura K. Gray on 26 Jun, 2019 in Software and Apps and Interview and PA-DSS and Software Security Framework

PCI SSC has announced the rollout of the Secure Software Lifecycle (Secure SLC) and Secure Software ... READ MORE

Guidance: PIN Security Requirement 18-3 Key Blocks

Posted by Laura K. Gray on 19 Jun, 2019 in Guidance and PIN Security Standard and Key Blocks

The PIN Security Requirement 18-3 Key Blocks Information Supplement provides a series of FAQs to hel... READ MORE

PCI on Mobile Payment Acceptance: SPoC and Contactless Updates

Posted by Laura K. Gray on 29 May, 2019 in Software and Mobile and SPoC and Contactless

PCI SSC recently completed the first of two request for comments (RFC) periods on the draft PCI Co... READ MORE

PCI Software Security Framework: Update on Assessor Qualification

Posted by Laura K. Gray on 23 May, 2019 in Software and Apps and Interview and PA-DSS and Software Security Framework

Who will be eligible to conduct assessments under the PCI Software Security Framework? How will th... READ MORE

Request for Comments: P2PE Standard v3.0

Posted by Lindsay Goodspeed on 22 May, 2019 in Point to Point Encryption (P2PE) and Participation and Request for Comments

From 20 May to 19 June, PCI SSC stakeholders can participate in a Request for Comments (RFC) on th... READ MORE

Programs Update: PCI Software Security Framework

Posted by Laura K. Gray on 25 Apr, 2019 in Software and Apps and Interview and PCI DSS and Software Security Framework

New validation programs are being developed to support the PCI Software Security Standards. Together... READ MORE

PCI Standards in 2019: Q&A with CTO Troy Leach

Posted by Laura K. Gray on 12 Apr, 2019 in Point to Point Encryption (P2PE) and Interview and PCI DSS and PTS POI and Third Party Risk and Participation and Request for Comments and SPoC and Software Security Framework and Contactless and PCI DSS v4.0

What do stakeholders need to know about PCI Security Standards in 2019? PCI SSC Chief Technology Off... READ MORE