Why ASV Whitelisting is Both Normal and Essential for a Successful PCI Vulnerability Scan

October 30, 2017 • Published Categories PCI 101Tags ,
Is ASV whitelisting “cheating”?

“Why am I being asked to whitelist ControlScan’s IP address as part of your ASV service? Doesn’t bypassing my IPS defeat the purpose of a PCI vulnerability scan?” ASV whitelisting is one of the most common questions our Vulnerability Management team receives, so let’s dive … Read more

The Three Essential Elements of Authentic PCI Compliance

March 27, 2017 • Published Categories Acquirer ProgramsTags , , ,
Authentic PCI compliance goes beyond simply checking the boxes of your SAQ

How many of your merchants are just checking the boxes? Checkbox compliance is nothing new in the payments industry. In fact, Google “checkbox compliance” and you quickly see that thousands of posts have been written about it. These posts describe the exercise of racing to … Read more

“Did We Fall Out of Compliance?”

February 12, 2015 • Published Categories PCI 101Tags , ,

“Ask the QSA” Question: We achieved our SAQ-D in August 2014. We just had some quarterly scans executed and need to remediate two vulnerabilities. Are we now not PCI compliant because some vulnerabilities came up and we are resolving them? Answer: PCI compliance is structured … Read more

The PCI Basics & Quick Guide

January 30, 2015 • Published Categories PCI 101Tags , , , , , , , , , , , , , ,

What Do Small Merchants Need to Do to Achieve PCI Compliance?. The day has come. You have received notification from your acquirer that your organization is required to submit Payment Card Industry (PCI) compliance validation. You’ve also just been informed that there are penalties – … Read more

The PCI DSS, Chaining and the Franchise Relationship

October 21, 2014 • Published Categories Industry TopicsTags , , , , , , , ,

Guest post by David Durko, PrivacyAtlas   My colleagues and I are often asked, “Where does the responsibility for compliance fall when a compliant service provider shares consumer data with a non-compliant third party?” This is an interesting question and one that could change how … Read more

3 Reasons to Get Involved in Your Merchants’ mPOS Adoption

September 17, 2014 • Published Categories Acquirer ProgramsTags , , , , , , , , ,

ControlScan has just released a new report detailing its latest research findings on mobile technology adoption among small and mid-sized businesses (SMBs). The report, Mobile at the Point of Sale: How SMBs are Adopting Mobile Devices to Accept Card-Present Payments, is based on input from … Read more