Tag Archives: cardholder data

EMV (Europay, MasterCard, Visa): THE COMING SHIFT IN LIABILITY

Author: Todd Becker, PCI QSA, ISO 27001 Auditor ‘Chip and PIN’, or EMV (“Europay, MasterCard, Visa”), is an open-standard set of specifications for smart card payments and acceptance devices and is a popular topic these days with HALOCK’s PCI clients. EMV is not a PCI requirement. However, there is a ‘liability shift’ in October 2015 that […]

Understanding PCI Service Providers

One of the common misunderstandings we’ve noticed among merchants is in relation to the proper definition of a PCI Service Provider.  Most companies understand that if they share cardholder data with a third party, that entity is a Service Provider and needs to be covered for DSS requirements 12.8.x.  But there’s another class of Service Providers that often gets […]