Collaborate Disseminate
The PCI SSC published the latest version of its device security standard for Hardware Security Modules (HSMs). HSMs are secure cryptographic devices that are used for cryptographic-key management and the protection of sensitive data used in payment car… Continue reading PCI SSC updates its device security standard for HSMs
Zimperium announced it has joined the PCI Security Standards Council (PCI SSC) as a new Participating Organization. Zimperium will work with the PCI SSC to help secure payment data worldwide on mobile apps and devices. It will also leverage its threat … Continue reading Zimperium partners with PCI SSC to help secure payment data on mobile apps and devices
The PCI Security Standards Council (PCI SSC) and the Cloud Security Alliance (CSA) issued a joint bulletin to highlight the importance of properly scoping cloud environments. Why cloud computing matters The use of cloud computing services has accelerat… Continue reading Scoping cloud environments: Tips and best practices
Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and operation on PCI-approved PIN Transaction Security (PTS) Point-of-Interaction (… Continue reading PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
The PCI Security Standards Council (PCI SSC) has published version 1.1 of the PCI Secure Software Lifecycle (SLC) Standard and its supporting program documentation. The PCI Secure SLC Standard is one of two standards that are part of the PCI Software S… Continue reading PCI SSC releases PCI Secure Software Lifecycle (SLC) Standard 1.1
The PCI Security Standards Council (PCI SSC) and the ATM Industry Association (ATMIA) issued a joint bulletin to highlight an increasing threat that requires urgent awareness and attention. What is the threat? An ATM cash-out attack is an elaborate and… Continue reading ATM cash-out: A rising threat requiring urgent attention
Global organizations continue to put their customers’ cardholder data at risk due to a lack of long term payment security strategy and execution, flags the Verizon report. With many companies struggling to retain qualified CISOs or security managers, t… Continue reading Only 27.9% of organizations able to maintain compliance with the PCI DSS
The PCI Security Standards Council has updated the standard for payment devices to enable stronger protections for cardholder data. Meeting the accelerating changes of payment device technology The PCI PIN Transaction Security (PTS) Point-of-Interactio… Continue reading PCI SSC updates standard for payment devices to protect cardholder data
The PCI Security Standards Council (PCI SSC) has updated the PCI Point-to-Point Encryption Standard (P2PE) and supporting program. PCI P2PE Version 3.0 simplifies the process for component and solution providers to validate their P2PE products for card… Continue reading PCI Point-to-Point Encryption Standard 3.0 released
The PCI Security Standards Council (PCI SSC) published a new data security standard for solutions that enable merchants to accept contactless payments using a commercial off-the-shelf (COTS) mobile device with near-field communication (NFC). PCI CPoC S… Continue reading CPoC: New data security standard for contactless payments