The Threat of Online Skimming to Payment Security

Posted by Mark Meissner on 1 Aug, 2019 in eCommerce and Breaches and Guidance and Patching and Hackers and Phishing and Awareness and PCI DSS and Multi-Factor Authentication and PCI SSC
How the emerging threat of online skimming presents a great threat to the payment security community... READ MORE

NIST Mapping

Posted by Mark Meissner on 17 Jul, 2019 in Infographic and Guidance and PCI DSS
Mapping PCI DSS v. 3.2.1 to the NIST Cybersecurity Framework v. 1.1: How meeting PCI DSS requiremen... READ MORE

Guidance: PIN Security Requirement 18-3 Key Blocks

Posted by Laura K. Gray on 19 Jun, 2019 in Guidance and PIN Security Standard and Key Blocks
The PIN Security Requirement 18-3 Key Blocks Information Supplement provides a series of FAQs to hel... READ MORE

Resource for Small Merchants: Glossary of Payment and InfoSec Terms

Posted by Lindsay Goodspeed on 28 Feb, 2019 in Small Business and Guidance and Small Merchant Resources and SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec... READ MORE

Resource for Small Merchants: Common Payment Systems

Posted by Lindsay Goodspeed on 12 Feb, 2019 in Small Business and Guidance and Small Merchant Resources and SMB Series
In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment sec... READ MORE

Update to Maintaining Compliance Information Supplement

Posted by Lindsay Goodspeed on 29 Jan, 2019 in Guidance and Awareness and PCI DSS and Compliance and SIGs and BAU
The Council just published Information Supplement: Best Practices for Maintaining PCI DSS Complian... READ MORE

Industry Guidance on Accepting Telephone Payments Securely

Posted by Lindsay Goodspeed on 27 Nov, 2018 in Guidance and PCI DSS and SIGs
PCI SSC just published an updated version of the Special Interest Group information supplement Pro... READ MORE

What Happens After 30 June 2018? New Guidance on Use of SSL/Early TLS

Posted by Laura K. Gray on 15 Jun, 2018 in Guidance and TLS/SSL and PCI DSS
Following the release of PCI DSS v3.2.1 to account for dates that have already passed, such as the 3... READ MORE

Guidance: Multi-Factor Authentication

Posted by Laura K. Gray on 1 Dec, 2017 in Guidance and Passwords and Multi-Factor Authentication and Educational Resource and Remote Access
Attackers continue to compromise valid user credentials to access company networks and steal payme... READ MORE

How the SHA-1 Collision Impacts Security of Payments

Posted by Lindsay Goodspeed on 14 Mar, 2017 in Guidance and Encryption and PTS POI
Recently, Google and CWI Institute in Amsterdam announced that they successfully created a “hash col... READ MORE

Understanding New PCI Guidance on MFA

Posted by Laura K. Gray on 9 Feb, 2017 in Guidance and Passwords and Interview and PCI DSS and Multi-Factor Authentication and PCI SSC
Attackers continue to compromise valid credentials to access company networks and steal data. To h... READ MORE

Assessor Viewpoint: Q&A on Scoping and Segmentation Guidance

Posted by Lindsay Goodspeed on 15 Dec, 2016 in Guidance and Interview and PCI DSS and Scoping and Segmentation
The Council just published new Guidance for PCI DSS Scoping and Network Segmentation to help clarify... READ MORE
