How Website Security Gets Breached: 3 Common Errors and 3 Basic Fixes

June 7, 2017 • Published Categories Best PracticesTags , ,
Website security: 3 common errors, 3 basic fixes

The bad guys don’t care what—or how much of it—you sell online. Today’s e-commerce businesses are in hackers’ cross hairs for many reasons, not the least of which is their ease of access. With the Internet as their gateway, every single e-commerce business is an … Read more

PCI Learnings from the Verizon 2017 Data Breach Digest

April 12, 2017 • Published Categories Best PracticesTags , , ,
PCI Learning from the Verizon 2017 Data Breach Digest

The story behind the DBD. Each spring, the information security community looks forward to the release of the latest Verizon Data Breach Investigation Report (DBIR). This year we have some advanced data breach info as we await the DBIR: The Verizon 2017 Data Breach Digest … Read more

The Three Essential Elements of Authentic PCI Compliance

March 27, 2017 • Published Categories Acquirer ProgramsTags , , ,
Authentic PCI compliance goes beyond simply checking the boxes of your SAQ

How many of your merchants are just checking the boxes? Checkbox compliance is nothing new in the payments industry. In fact, Google “checkbox compliance” and you quickly see that thousands of posts have been written about it. These posts describe the exercise of racing to … Read more

For Acquirers, the Visa QIR Deadline Has Come and Gone.

March 3, 2017 • Published Categories Acquirer ProgramsTags , , ,
Did you miss the Visa QIR deadline?

If you missed the QIR deadline, you need to act fast. At last month’s Northeast Acquirers Association (NEAA) Conference, I joined the Legislative Panel to speak on the subject of the Visa Qualified Integrators & Resellers (QIR) program. My talking points were timely, given the … Read more

PCI SAQ 3.2 Revisions: Is Your Business Affected?

February 3, 2017 • Published Categories Industry TopicsTags , , ,
PCI SAQ 3.2 Revisions - Learn the impact Rev. 1.1 could have on your business.

This week, the PCI Security Standards Council (SSC) announced their release of Revision 1.1 to SAQ 3.2. The SSC characterizes this revision as “errata,” and after careful examination, it is truly mostly “errata.”  That is, there are small language changes, some corrected misspellings and a few instances of … Read more