PCI Merchants Featured Article
The Top 5 Questions to Ask a Prospective Penetration Tester
Does the PCI DSS require that your IT network undergo a penetration test? If any part of your business network is connected to the Internet, then the answer is probably yes. Here are the questions you should ask any penetration testing vendor prior to signing on the dotted line.
How to Select a PCI Compliant Service Provider: Advice for Small Business Owners
Service providers are a key component to ensuring compliance with the Payment Card Industry Data Security Standard (PCI DSS). Outsourcing to a PCI-compliant service provider is one of the best ways business owners can help reduce their PCI obligations and risk of a data breach.
How the Right Hosted Payment Technologies Reduce Online Merchants' PCI Scope
If you are a small or mid-sized business (SMB) owner, the process for evaluating your online business and becoming PCI compliant can seem impossible to follow—or at the very least, extremely daunting.
PCI Compliance and the Service Provider
Your organization is a service provider if it hosts or manages payment data on behalf of other businesses. Even if your business operates primarily as a merchant, acknowledging any and all service provider components will enable you to take a holistic view of your scope of compliance with the PCI DSS—and, it may help set you apart from your competitors.
More and More Hackers are "Foodies." Well, Sort Of…
According to recent reports, hackers are apparently spending a lot more time discovering the latest hip, trendy restaurants. But they are not spending money on artisanal cheeses, free-range chicken, or chickpea and orzo salad with Piquillo pepper vinaigrette.
Holiday POS Security: A Quick Reference for the SMB Retailer
SMB retailers are now in the throes of the holiday season. While you've probably trained your sales staff to look for shoplifters, you may not have discussed the physical security of your POS systems.
Don't Be Fooled! There's No Such Thing as an Automated Penetration Test.
Many small merchants, having been told they need a "network penetration test," will seek out the quickest and cheapest way possible to comply with this PCI DSS requirement.
Security Logging and Monitoring (PCI DSS Requirement 10): Why all the Fuss?
Merchants who are just learning about the PCI DSS can become quickly overwhelmed by its lengthy list of requirements. In addition, many merchants may find themselves wondering whether certain requirements are even applicable to their business.
Five Things to do Before Using Your Mobile Device to Accept Credit Card Payments
The taxi driver at the airport took your credit card using Square on an iPhone. The plumber that fixed your leaky pipes swiped your card on a PayPal device connected to an Android phone. And that posh restaurant where you impressed a client not only took your order on an iPad, but the server swiped your credit card on a PayFox device attached to the iPad. It seems as though everyone is taking advantage of mobile payment technology… Shouldn't you?
Level 2 Merchants Beware: Your PCI validation process could be changing
If your business processes between 1 million and 6 million credit card transactions annually and you accept MasterCard as a form of payment, your PCI validation process is probably about to change.