Since 2011, the PCI Point-to-Point Encryption (P2PE) Standard has provided a clear path to security and compliance for card-present and mail order/telephone order (MOTO) merchants. The P2PE standard is based on secure encryption and decryption of account data at each end of the transaction, rather … Read more
Point-to-point Encryption (P2PE) is an awesome tool for securing retailers’ payment card data. ControlScan highly recommends it in every environment where it’s feasible and cost effective to do so. (We operate security infrastructure in many retail environments with integrated POS systems, where P2PE is either … Read more
The PCI Council just released version 2.0 of the P2PE (Point-to-Point Encryption) Solution Requirements and Testing Procedures. Quick background: P2PE is the process of encrypting a card number in the hardware at the time of the swipe and keeping it encrypted all the way to … Read more
What? You are probably aware that chip cards (EMV) will ultimately replace magnetic stripe cards. You are also likely aware that if your business accepts credit cards then you must be able to accept EMV cards by October, 2015, or you may have to pay … Read more
12/21/15 Update: The PCI SSC is extending the migration completion date to 30 June 2018 for transitioning from SSL and TLS 1.0 to a secure version of TLS (currently v1.1 or higher). Learn more here. 4/15/15 Update: The PCI SSC released PCI DSS v3.1 on its … Read more
Question: Is LogMeIn PCI Compliant for a restaurant back office PC? I heard that leaving an open connection is not compliant. Answer: A remote access program such as LogMeIn can be PCI compliant; however, it must be securely implemented using multiple factors of authentication to … Read more