3 Common Pitfalls to Meeting PCI DSS Compliance

December 29, 2015 • Published Categories PCI 101Tags , , , ,

Guest post by Lohit Mehta, Security Researcher for the InfoSec Institute This article focuses on three of the most commonly identified issues when an organization is audited for PCI compliance by an external party. This article also offers some tips to avoid these pitfalls. Pitfall … Read more

How You Can Use Tokenization to Reduce PCI Scope

August 4, 2015 • Published Categories Best PracticesTags , ,

Limiting Your PCI Scope Every business that handles the financial data of their customers is looking for ways to limit their PCI scope. Doing so minimizes the cost, effort and risk that comes with PCI compliance. After all, the less payment information that your organisation … Read more

EMV is Not a Security Technology

July 1, 2015 • Published Categories Best Practices, UncategorizedTags , , , , ,

What? You are probably aware that chip cards (EMV) will ultimately replace magnetic stripe cards. You are also likely aware that if your business accepts credit cards then you must be able to accept EMV cards by October, 2015, or you may have to pay … Read more

Will EMV Make You PCI Compliant?

December 18, 2014 • Published Categories PCI 101Tags , , , , , , ,

Understanding EMV’s capabilities with the concepts of data security and PCI compliance. Many merchant acquirers, payment processors and Independent Sales Organizations (ISOs) have been reaching out to business owners to alert them of America’s 2015 migration from magstripe (i.e., “swipe”) credit/debit cards to EMV (i.e., “chip”) payment cards. … Read more

“We would like to request a credit card number in advance of an event…”

April 17, 2014 • Published Categories Ask the QSATags , , , , , , , , ,

Question: We are developing our payment policy for a venue rental business and would like to request a credit card number to be submitted 14 days prior to the event to have on file for any damages that might occur during the event. Will I be … Read more