Tag Archives: PCI DSS

Keeping Track of PCI DSS v4.0

UPDATE: New Blog on PCI DSS 4.0 Get updates on the status on PCI DSS review of the 2019 RFC comments, when the final version of PCI DSS is planned to be completed, timing of the next request for comments (RFC), and information about the RFC feedback they received.

Covid-19 Does Not Exempt Compliance nor Security Obligations

While companies are consumed with the task of implementing remote work strategies in response to the COVID-19 crisis, it is critical to remember one thing: No matter how chaotic things get, Coronavirus does not exempt you from your industry or government compliancy obligations such as HIPAA, CCPA and PCI DSS. It also does not release […]

THE FTC IS TELLING US THAT PCI DSS CERTIFICATION IS NOT ENOUGH. NOW WHAT?

As part of its enduring interest in LifeLock, Inc., the Federal Trade Commission issued the following statement on December 17, 2015, “PCI DSS certification is insufficient in and of itself to establish the existence of reasonable security protections … the existence of a PCI DSS certification is an important consideration in, but by no means […]

A Merchant’s Guide to PCI SSC Compliance – HALOCK

A Merchant’s Guide to PCI SSC Compliance By Morgan Rickel  PMP, QSA If you are a merchant considering the implementation of a mobile payment acceptance solution, or if you are currently using one, the Payment Card Industry Security Standards Council (PCI SSC) has determined that one of the major risk factors in validating mobile payment […]

EMV (Europay, MasterCard, Visa): THE COMING SHIFT IN LIABILITY

Author: Todd Becker, PCI QSA, ISO 27001 Auditor ‘Chip and PIN’, or EMV (“Europay, MasterCard, Visa”), is an open-standard set of specifications for smart card payments and acceptance devices and is a popular topic these days with HALOCK’s PCI clients. EMV is not a PCI requirement. However, there is a ‘liability shift’ in October 2015 that […]