Does storing tokens instead of card data reduce the PCI burden?

PCI Data Security Standard

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • PCI version 1.2 clarifications: How to get an early start on compliance audits

    Last month, the PCI Security Standards Council released a preview of changes in the upcoming Payment Card Industry Data Security Standard revision. The clarifications in the standard's language are welcome adjustments, but the tweaks may have an effe... 

  • Version 1.2 of Payment Card Industry (PCI) Data Security Standard answers questions, raises others

    Understanding the wording of the PCI Data Security Standard isn't always easy. What exactly qualifies as an "application firewall," for example, or even "strong encryption?" Thankfully, clarifications to terminology and requirements are coming in PCI... 

  • The Little Black Book of Computer Security, 2nd Edition

    In an online excerpt of The Little Black Book of Computer Security, expert author Joel Dubin reviews how to prepare for today's most important compliance requirements. 

  • Compliance recycling: Combining compliance efforts to manage PCI DSS

    While the Payment Card Industry Data Security Standard (PCI DSS) looms large over most enterprises' compliance efforts, it doesn't necessarily mean abandoning other compliance efforts. Expert Diana Kelley explains not only how to use existing control... 

  • PCI automation: Discovering the benefits

    Complying with PCI is just the beginning – staying compliant can be a challenge as well. However, automation is one option. Qualified Security Assessor Spyro Malspinas suggests two automation opportunities for financial firms to overcome the ch... 

  • The 'security standards dilemma': Network segmentation and PCI Compliance

    The Hannford Bros. data security breach led many to believe that even PCI-compliant organizations did not properly segment their networks -- or that PCI does not adequately address the importance of network segregation. Contributor Stephen Cobb expla... 

  • PCI compliance and Web applications: Code review or firewalls?

    The Payment Card Industry Data Security Standard is about to get a new wrinkle involving Web applications. As of June 30, 2008, to achieve PCI compliance, enterprises must either have their custom Web application code reviewed or install Web applicat... 

  • Worst practices: Recognizing the biggest compliance mistakes

    With all of the compliance requirements and regulations organizations need to abide by these days, corporate compliance blunders are inevitable. In this tip, security management expert Mike Rothman highlights the biggest compliance mistakes seen in t... 

  • How to apply ISO 27002 to PCI DSS compliance

    The Payment Card Industry Data Security Standard may be fairly straightforward, but it's lacking in defining the processes that will ultimately lead to PCI DSS compliance. In this tip, expert Richard Mackey explains why the ISO 27002 can not only hel... 

  • PCI standard, take two

    Complying with Payment Card Industry Data Security Standard and its ambiguous requirements and deadlines can be daunting. Fortunately, in an effort to maximize compliance efforts, the industry released a new version of the PCI standard. In this tip, ...