Tag Archives: PCI SSC

Payment Processing in a Remote Working Environment

2020

Organizations are facing a lot of change with remote work set ups – in both physical location and operational shifts. Especially challenged are businesses that manage credit card information electronically and over the phone. These new working conditions unearth new risks for sensitive data. Social distancing can also bring about more social engineering attempts. According […]

A Merchant’s Guide to PCI SSC Compliance

2016

A Merchant’s Guide to PCI SSC Compliance By Morgan Rickel  PMP, QSA If you are a merchant considering the implementation of a mobile payment acceptance solution, or if you are currently using one, the Payment Card Industry Security Standards Council (PCI SSC) has determined that one of the major risk factors in validating mobile payment […]

PCI DSS v3.1 Coming – SSL No Longer Considered Strong Cryptography

2015

SSL No Longer Considered Strong Cryptography Author: Viviana Wesley, PCI QSA In a recent bulletin the Payment Card Industry Security Standards Council (PCI SSC) stated that updates will be forthcoming to the Data Security Standard (DSS) version 3.0 – and very soon.  The change is related to vulnerabilities seen with Secure Socket Layer (SSL) cryptography.

Understanding PCI Service Providers

2010

One of the common misunderstandings we’ve noticed among merchants is in relation to the proper definition of a PCI Service Provider.  Most companies understand that if they share cardholder data with a third party, that entity is a Service Provider and needs to be covered for DSS requirements 12.8.x.  But there’s another class of Service Providers that often gets […]