The PCI DSS, Chaining and the Franchise Relationship

October 21, 2014 • Published by Administrator Industry TopicsCouncil, Franchise, Hospitality, Hotel, Requirement 12.8, Requirement 12.9, SSC, Third Party, Vulnerability Scanning

Guest post by David Durko, PrivacyAtlas My colleagues and I are often asked, “Where does the responsibility for compliance fall when a compliant service provider shares consumer data with a non-compliant third party?” This is an interesting question and one that could change how … Read more

“Are Hotels Supposed to be Making Front and Back Copies of My Card?”

June 17, 2014 • Published by Jarred White Industry TopicsCredit Card Authorization, CVV2, Data Storage, Hotel, QSA, Requirement 3.2, Sensitive Authentication Data

Concerned about hotels and front-and-back credit card copies? We regularly hear from consumers who are concerned about the manner in which hotels are collecting credit card information from them, much of which is on paper via Credit Card Authorization forms and front-and-back credit card copies. Here … Read more