PCI Level 2 Non-Compliance, Mastercard’s New Rules
I have had many questions on the topic of compliance for Level II PCI merchants that are transitioning from a SAQ (Self-Assessment Questionnaire) to an on-site audit with a Report on Compliance (ROC). Many are concerned with the prospect that (more…)
PCI Compliance Adoption Rates Continue to Rise
Visa’s latest report (updated as of June 30, 2010) on the percentage of the merchant and service provider population currently validated as PCI compliant shows that most companies have now achieved compliance with the PCI Data Security Standard (more…)
The Sounds of PCI Compliance
So I’ll admit I’m relatively new to the PCI Compliance arena. That said, I’ve been working with technology and financial companies for the last 15 years, and while I’ve seen topics come & go, PCI Compliance is here to stay. I’ve noticed some commonalities from the folks I’ve spoken with recently and I wanted to share some (more…)
Importance of maintaining network documentation for PCI Compliance
The PCI Data Security Standard (PCI DSS) is a set of about 200 prescriptive technical and process-centric requirements intended to help organizations proactively secure credit card data. Entities that store, process or transmit credit card data, including merchants, service providers and card issuers of all sizes, are required to comply with the (more…)
Understanding PCI Service Providers
One of the common misunderstandings we’ve noticed among merchants is in relation to the proper definition of a PCI Service Provider. Most companies understand that if they share cardholder data with a third party, that entity (more…)
Defining the Scope for PCI Compliance
As most people familiar with the PCI Data Security Standard would agree, properly defining scope for (more…)