2014 has been a year filled with news about breaches – big breaches – record breaking breaches. I have spent the majority of the year talking to many people about PCI DSS version 3.0 SAQs. I have spoken to Merchant Banks, Processors, small businesses, IT … Read more
Taking a firm stance on the security of partially outsourced e-commerce sites. When the new PCI DSS version 3.0 Self Assessment Questionnaires (SAQs) were released earlier this year, my colleagues and I closely read them to understand the potential impact on self-assessing merchants as well … Read more
If you’ve been following the media reports surrounding Target’s massive data breach, then you’ve no doubt heard the acronym “EMV.” The credit card chip technology is on an imminent path for widespread implementation in the U.S. marketplace, but many have speculated that EMV by itself … Read more
Question: I work for an e-commerce company and have a question about storing credit card information. In the past, if an order contained potentially fraudulent information we would request a credit card authorization form, which would require a front and back scan of the card as … Read more
The new PCI DSS version 3.0 Self Assessment Questionnaires (SAQs) are out, and after our initial look, there are some notable differences. This article focuses on the brand new “SAQ A-EP” for “Partially Outsourced E-commerce Merchants Using a Third-Party Website for Payment Processing.” NOTE: After reading … Read more
The exponential growth associated with mobile device adoption is spurring a digital commerce disruption within most every facet of business. Small businesses have great benefit potential when they harness these new opportunities to sell online and via mobile devices, because today’s myriad cloud-based services can … Read more