PCI Software Security Framework
For businesses using PA-DSS assessed applications the time is near to start considering the new Software Security Framework that the PCI Council that will be mandated soon.
Tag Archives: PA-DSS
A Merchant’s Guide to PCI SSC Compliance
A Merchant’s Guide to PCI SSC Compliance By Morgan Rickel PMP, QSA If you are a merchant considering the implementation of a mobile payment acceptance solution, or if you are currently using one, the Payment Card Industry Security Standards Council (PCI SSC) has determined that one of the major risk factors in validating mobile payment […]
PCI DSS AND PA-DSS V3.0 CHANGE HIGHLIGHTS
Author: Viviana Wesley, PCI QSA The PCI Security Standards Council has published a change highlights document for v3.0 expected in November 7th 2013.
NEXT-GEN MALWARE DEFENSE
‘Malware’ has come a long way – next-gen malware. From merely annoyance applications coded by bored engineering students for notoriety all the way to professionally developed stealth applications for financial gains and stealing state secrets. According to Verizon’s 2012 Data Breach Investigations Report, 69% of the breaches were attributed to malware infections. The business impact of […]
PCI Council Changes the Rules for PA-DSS Minor Changes
The PCI Council recently released version 2.0 of the PA-DSS Program Guide, available here, which includes a significant change with regards to the definition of a “minor change” and what it means to Payment Application Vendors. Certain types of changes that would have previously required a complete revalidation of the payment application can now be addressed […]
PCI Council Releases Revised PA-DSS Eligibility Criteria
On June 29, 2011 the PCI Security Council released a checklist outlining the types of payment applications that are eligible for PA-DSS validation: