SAQ A vs. A-EP: What E-Commerce Merchants, Service Providers Need to Know Now

June 12, 2014 • Published Categories Industry Topics Tags , , , , , ,

Taking a firm stance on the security of partially outsourced e-commerce sites. When the new PCI DSS version 3.0 Self Assessment Questionnaires (SAQs) were released earlier this year, my colleagues and I closely read them to understand the potential impact on self-assessing merchants as well … Read more

How EMV Can Fail

May 21, 2014 • Published Categories Industry Topics Tags , , , ,

If you’ve been following the media reports surrounding Target’s massive data breach, then you’ve no doubt heard the acronym “EMV.” The credit card chip technology is on an imminent path for widespread implementation in the U.S. marketplace, but many have speculated that EMV by itself … Read more

“I have a question about storing credit card information”

April 3, 2014 • Published Categories PCI 101 Tags , ,

Question: I work for an e-commerce company and have a question about storing credit card information. In the past, if an order contained potentially fraudulent information we would request a credit card authorization form, which would require a front and back scan of the card as … Read more

New SAQ A-EP Addresses E-Commerce Merchants Using Payment Redirects

March 7, 2014 • Published Categories Industry Topics Tags , , , , , , , ,
E-commerce Merchants

The new PCI DSS version 3.0 Self Assessment Questionnaires (SAQs) are out, and after our initial look, there are some notable differences. This article focuses on the brand new “SAQ A-EP” for “Partially Outsourced E-commerce Merchants Using a Third-Party Website for Payment Processing.” NOTE: After reading … Read more

How the Right Hosted Payment Technologies Reduce Online Merchants’ PCI Scope

April 30, 2013 • Published Categories Best Practices Tags , , , , ,

The exponential growth associated with mobile device adoption is spurring a digital commerce disruption within most every facet of business. Small businesses have great benefit potential when they harness these new opportunities to sell online and via mobile devices, because today’s myriad cloud-based services can … Read more

Helping SMB Merchants Cross the Chasm of PCI Compliance [Infographic]

November 13, 2012 • Published Categories Acquirer Programs Tags , , , , , , ,

The last four years have been marked by continued growth in Level 4 merchant data compromise, yet a recent study report from ControlScan and Merchant Warehouse reveals that many SMB merchants are still not receiving—or effectively responding to—messages about cardholder data security. How ISOs and Acquirers can … Read more