New & Notable
PCI DSS: Audits and requirements News
April 24, 2013
PayPal's Michael Barrett says many firms fear misuse of shared cybersecurity data. He also discusses the evolution of PCI DSS and mobile payment security.
July 15, 2010
Visa clarifies its rules and says acquirers and issuers must accept truncated numbers for dispute resolution.
June 15, 2010
Learn from the industry's leading information security experts who gathered to share proven security strategies. If you couldn't make it to New York City for the event, you can catch up here.
May 18, 2010
Gartner analyst wonders why no PCI-like standard exists for bank account information, which online criminals are targeting.
PCI DSS: Audits and requirements Get Started
Bring yourself up to speed with our introductory content
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Continue Reading
CISP (Cardholder Information Security Program) and PCI (Payment Card Industry Data Security Standard) are specifications developed and used by credit card companies for the purpose of ensuring and enhancing the privacy and security of financial data... Continue Reading
PAN (primary account number) truncation is a technology that prevents most of the digits in a credit card, debit card or bank account number from appearing on printed receipts issued to customers... (Continued) Continue Reading
Evaluate PCI DSS: Audits and requirements Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
With PCI DSS and other compliance requirements, organizations are looking for surefire solutions to protect payment card and other sensitive data. Tokenization and end-to-end encryption have emerged as promising technologies, but as Dave Shackleford... Continue Reading
Manage PCI DSS: Audits and requirements
Learn to apply best practices and optimize your operations.
The third PCI DSS focus area requires antivirus software, secure coding practices, patch management and change control processes be in place. Continue Reading
Put these steps in motion before your organization's first PCI DSS compliance audit. Continue Reading
The final set of PCI requirements relates to maintaining a security policy, and also addresses awareness training, personnel screening and managing service provider relationships. Continue Reading
Problem Solve PCI DSS: Audits and requirements Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
What do Visa's PAN truncation guidelines mean for merchants and their acquiring banks? Security experts Ed Moyle and Diana Kelley provide analysis. Continue Reading
The fifth focus area of PCI-DSS requires regular monitoring of systems and activity, as well regular testing of controls. Continue Reading
From federal guidance and industry standards to state laws, financial-services firms are subject to a variety of requirements for managing vendor information security risks by contract. Andrew M. Baer explains how the regulatory guidance is ... Continue Reading