Scoping cloud environments: Tips and best practices
The PCI Security Standards Council (PCI SSC) and the Cloud Security Alliance (CSA) issued a joint bulletin to highlight the importance of properly scoping cloud environments. …
PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and …
PCI SSC releases PCI Secure Software Lifecycle (SLC) Standard 1.1
The PCI Security Standards Council (PCI SSC) has published version 1.1 of the PCI Secure Software Lifecycle (SLC) Standard and its supporting program documentation. The PCI …
ATM cash-out: A rising threat requiring urgent attention
The PCI Security Standards Council (PCI SSC) and the ATM Industry Association (ATMIA) issued a joint bulletin to highlight an increasing threat that requires urgent awareness …
Only 27.9% of organizations able to maintain compliance with the PCI DSS
Global organizations continue to put their customers’ cardholder data at risk due to a lack of long term payment security strategy and execution, flags the Verizon report. …
PCI SSC updates standard for payment devices to protect cardholder data
The PCI Security Standards Council has updated the standard for payment devices to enable stronger protections for cardholder data. Meeting the accelerating changes of payment …
PCI Point-to-Point Encryption Standard 3.0 released
The PCI Security Standards Council (PCI SSC) has updated the PCI Point-to-Point Encryption Standard (P2PE) and supporting program. PCI P2PE Version 3.0 simplifies the process …
CPoC: New data security standard for contactless payments
The PCI Security Standards Council (PCI SSC) published a new data security standard for solutions that enable merchants to accept contactless payments using a commercial …
PCI SSC unveils new assessor qualification program
The PCI Security Standards Council (PCI SSC) launched a new assessor qualification program to support the PCI Software Security Framework (SSF), a collection of standards and …
Online skimming: An emerging threat that requires urgent awareness and attention
A growing threat that all merchants and service providers should be aware of is web-based or online skimming. These attacks infect e-commerce websites with malicious code, …
PCI SSC unveils two new validation programs for software vendors and assessors
The PCI Security Standards Council (PCI SSC) announced two new validation programs for use by payment software vendors to demonstrate that both their development practices and …
PCI SSC accepting applications for the Qualified PIN Assessor Program
PCI SSC is accepting applications for the Qualified PIN Assessor (QPA) Program. The QPA Program will enable security professionals to perform assessments using the PCI PIN …