New & Notable
PCI DSS: Audits and requirements News
October 02, 2015
News roundup: Despite a low adoption rate going into the liability shift, many in the industry are optimistic about the future of EMV use. Plus: TrueCrypt flaws; AWS crypto keys stolen; women in infosec.
October 01, 2015
The Oct. 1, 2015 deadline for EMV liability has arrived, though merchants and retailers alike aren't ready for the change.
April 24, 2013
PayPal's Michael Barrett says many firms fear misuse of shared cybersecurity data. He also discusses the evolution of PCI DSS and mobile payment security.
July 15, 2010
Visa clarifies its rules and says acquirers and issuers must accept truncated numbers for dispute resolution.
PCI DSS: Audits and requirements Get Started
Bring yourself up to speed with our introductory content
An EMV card is a credit or debit card with an embedded computer chip and associated technology designed to enable secure payment at compatible point of sale (POS) terminals; EMV stands for Europay, Mastercard and Visa, the three companies ... Continue Reading
Complying with PCI penetration testing mandates has always been a challenge for enterprises. Expert Kevin Beaver discusses the recently released PCI SSC pen testing guidance and how it can help enterprises overcome their PCI woes. Continue Reading
Organizations need to review the PCI DSS 3.0 requirements and prepare for the mandatory changes coming in June 2015. Expert Mike Chapple explains how to prepare for the deadline. Continue Reading
Evaluate PCI DSS: Audits and requirements Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
EMV technology has been adopted by a small number of merchants despite the Oct. 1 liability deadline, and it may stay that way for a while. Here's why. Continue Reading
With PCI DSS and other compliance requirements, organizations are looking for surefire solutions to protect payment card and other sensitive data. Tokenization and end-to-end encryption have emerged as promising technologies, but as Dave Shackleford... Continue Reading
Manage PCI DSS: Audits and requirements
Learn to apply best practices and optimize your operations.
The third PCI DSS focus area requires antivirus software, secure coding practices, patch management and change control processes be in place. Continue Reading
Put these steps in motion before your organization's first PCI DSS compliance audit. Continue Reading
The final set of PCI requirements relates to maintaining a security policy, and also addresses awareness training, personnel screening and managing service provider relationships. Continue Reading
Problem Solve PCI DSS: Audits and requirements Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
What do Visa's PAN truncation guidelines mean for merchants and their acquiring banks? Security experts Ed Moyle and Diana Kelley provide analysis. Continue Reading
The fifth focus area of PCI-DSS requires regular monitoring of systems and activity, as well regular testing of controls. Continue Reading
Federal regulations, state laws and industry standards all stress the need for financial institutions to audit and monitor third-party security as part of their vendor risk assessment. Consequently, third-party contracts must include vendor auditing... Continue Reading