Tag Archives: cardholder data
EMV (Europay, MasterCard, Visa): THE COMING SHIFT IN LIABILITY
Author: Todd Becker, PCI QSA, ISO 27001 Auditor ‘Chip and PIN’, or EMV (“Europay, MasterCard, Visa”), is an open-standard set of specifications for smart card payments and acceptance devices and is a popular topic these days with HALOCK’s PCI clients. EMV is not a PCI requirement. However, there is a ‘liability shift’ in October 2015 that […]
PCI Compliance – 96% of victims subject to PCI DSS had not achieved compliance
I’m going to refer to another something in a previous blog, the one about Verizon’s 2012 Data Breach Report regarding PCI Compliance.
Understanding PCI Service Providers
One of the common misunderstandings we’ve noticed among merchants is in relation to the proper definition of a PCI Service Provider. Most companies understand that if they share cardholder data with a third party, that entity is a Service Provider and needs to be covered for DSS requirements 12.8.x. But there’s another class of Service Providers that often gets […]