Target’s 3DES Encryption Statement: What Does It Tell Us? What Information is Missing? And Where Does PCI Apply?

December 31, 2013 • Published Categories Industry TopicsTags , , , , , , ,

On December 27, Target issued an official statement about hackers’ access to encrypted debit card PIN data along with the payment card numbers accessed during its breach event. Some have wondered whether Target’s claims regarding the encrypted PIN codes are accurate. Although Target has not provided us … Read more

If You Are “in the Cloud,” You May Still Be Exposed to PCI Compliance Risk

December 11, 2013 • Published Categories Best Practices, Industry TopicsTags , , , , ,

Here’s a news headline that is currently scaring security executives and causing a few sleepless nights: “NSA Has Hacked 50,000 Computers Globally.” What does this have to do with PCI compliance, you might ask? If the National Security Agency can easily hack into private computer … Read more

Top 5 Takeaways from the 2013 North American PCI Community Meeting

October 14, 2013 • Published Categories Industry TopicsTags , , , , , , , , , , , ,
Mandalay Bay PCI Compliance Meeting

In recent years, the annual PCI Community Meetings (both here in the U.S. and abroad) have served as an important forum for discussing and gaining a stronger understanding of payment data security best practices and requirements. With the planned release of version 3.0 of both … Read more

Key Takeaways from the SSC Mobile and Cloud Guidelines

March 18, 2013 • Published Categories Industry Topics, ISOs/AcquirersTags , , , , , , , ,
SSC Mobile and Cloud Guidlines

The PCI Mobile Payment Acceptance Security Guidelines for Merchants as End-Users was designed to create awareness of challenges in and best practices for accepting payments with a mobile device. The following are three key takeaways from the document: General-purpose mobile devices (i.e., smartphones, tablets, etc.) are designed … Read more

More and More Hackers are “Foodies.” Well, Sort of…

February 5, 2013 • Published Categories Industry TopicsTags , , , , , , , , , , , , , , ,
Foodies

According to the most recent Verizon Data Breach Investigations Report, hackers are apparently spending a lot more time discovering the latest hip, trendy restaurants. But they are not spending money on artisanal cheeses, free-range chicken, or chickpea and orzo salad with Piquillo pepper vinaigrette. Nope. They … Read more

The PCI SSC Releases New Mobile Payment Acceptance Security Guidelines for Developers and Device Manufacturers

September 25, 2012 • Published Categories Archive, Industry TopicsTags , , , , , , , ,
New Mobile Payment Acceptance

The Payment Card Industry Security Standards Council (PCI SSC) released new guidelines during its recent Community Meeting in Orlando. The new Mobile Payment Acceptance Security guidelines apply to the payment applications identified in Mobile Payment Acceptance Application Category 3, and they give software developers and mobile … Read more