PCI Data Security Standard

Get inside the Payment Card Industry Data Security Standard (PCI DSS) and learn how to get compliant for PCI Data Security Standards with information on requirements, audits and fines as well as what's news in the latest version, PCI DSS 3.2.

New & Notable

Download this free guide

Instant Download: Building an Incident Response Action Plan

77% of organizations admit they don’t have a formal cybersecurity incident response plan (CSIRP) that is applied consistently across the organization, according to IBM. If you’re one of them, here’s everything you need to know about building an efficient incident response action plan.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

PCI Data Security Standard News

February 28, 2018 28 Feb'18
Visa reports EMV chip cards thwart fraud, but criminals adapting

Visa points to a 70% drop in fraud due to EMV chip cards, as consumers and merchants adopt the new payment card technology. But criminals are shifting their own focus to adapt.
September 06, 2017 06 Sep'17
Risk & Repeat: Payment card security a growing concern

In this week's Risk & Repeat podcast, SearchSecurity editors discuss new research from Verizon on payment card security and the effectiveness of PCI DSS compliance for enterprises.
September 01, 2017 01 Sep'17
Enterprise compliance with PCI DSS is up, says Verizon

News roundup: More than half of enterprises are in compliance with PCI DSS, according to a Verizon report. Plus, Turla is on the attack again with a new campaign, and more.
August 04, 2016 04 Aug'16
EMV cards, PIN pads vulnerable to man in the middle attacks

Researchers at Black Hat 2016 poked holes in chip and PIN security by demonstrating simple attacks that can intercept EMV card transaction data, including CVV codes and PINs.

View All News

PCI Data Security Standard Get Started

Bring yourself up to speed with our introductory content

PCI DSS merchant levels

Merchant levels are used by the payment card industry (PCI) to determine risk levels and determine the appropriate level of security for their businesses. Specifically, merchant levels determine the amount of assessment and security validation that ... Continue Reading
What is included in the mPOS security standard from PCI SSC?

The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help. Continue Reading
ingress filtering

Ingress filtering is a method used by enterprises and internet service providers (ISPs) to prevent suspicious traffic from entering a network. Continue Reading

View All Get Started

Evaluate PCI Data Security Standard Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Explore this NGFW comparison of leading vendors on the market

Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision Continue Reading
How to select and implement a next-gen firewall

This buyer's guide examines next-generation firewalls and how to select the correct one for your organization based on comparison of product features. Continue Reading
6 firewall selection criteria to purchase NGFWs

These six key factors will help your company determine the best NGFW product for your organization's needs. Continue Reading

View All Evaluate

Manage PCI Data Security Standard

Learn to apply best practices and optimize your operations.

How PCI DSS compliance milestones can be a GDPR measuring stick

Constantly evolving regulations can cause confusion for security officers, but sometimes, there is process overlap. Here's how achieving compliance with PCI DSS can help meet GDPR mandates. Continue Reading
Key steps to put your zero-trust security plan into action

There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company. Continue Reading
Can a PCI Internal Security Assessor validate level 1 merchants?

A PCI Internal Security Assessor might not be the best bet to validate the compliance of a level 1 service provider. Expert Matthew Pascucci explains why and the alternative. Continue Reading

View All Manage

Problem Solve PCI Data Security Standard Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How can a distributed guessing attack obtain payment card data?

Attackers can gather payment card data by carrying out distributed guessing with a minimal amount of existing information. Expert Michael Cobb explains how this attack works. Continue Reading
What caused the ClixSense privacy breach that exposed user data?

A privacy breach at ClixSense led to user account details being put up for sale. Expert Michael Cobb explains how companies should be held accountable for their security practices. Continue Reading
How do man-in-the-middle attacks on PIN pads expose credit card data?

Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks. Continue Reading

View All Problem Solve