The Payment Card Industry Data Security Standard (PCI DSS) has 12 primary requirements, but within those it has a multitude of sub-requirements. While many of these are straightforward there are several that can leave even the technologically savvy person perplexed. Secure software application development is … Read more
The best way to truly strengthen your business’s security posture—which is the goal of the PCI DSS—is to have a sober understanding of your risk as well as the full scope of your PCI compliance responsibility. Here are five best practices for easily and cost-effectively … Read more
The days of simply sending a newsletter or statement stuffer to a merchant describing the PCI requirements may no longer be sufficient to protect the Acquiring community (Sponsor Banks, Processors and ISOs) from the card brand obligations, liability and the impact of state law violations. … Read more
Companies frequently ask us about what constitutes a payment application as it relates to PCI Compliance. The term payment application has a very broad meaning in PCI. So hopefully the content of this brief article will help clarify the subject and better define the term. … Read more
If you must store credit card data or you are interested in strengthening your current security practices, it is important to focus attention on your Web applications. PCI Requirement 6.6 requires that you ensure that all Web-facing applications are protected against known attacks by applying … Read more