Tag Archives: pci dss requirements

Clarifying the new PCI DSS 3.2 Requirements for Service Providers

By Viviana Wesley, PCI QSA, ISO 27001 Auditor The process of securing cardholder data is a shared responsibility amongst multiple parties that play a role in the card transaction process. They include merchants, processors, acquirers, backup tape storage facilities, issuers and service providers just to name a few. All of these entities play a part in […]

PCI and Third Party Security Assurance: The PCI Council’s Guidance Summarized

Author: Viviana Wesley, PCI QSA Some recent breaches of cardholder data have been the direct result of a successful compromise of a trusted third party to the breached entity. For example, a factor in the well-publicized breach at Target may have been compromised credentials of a trusted service provider with access to the Target internal […]