PCI Data Security Standard
Get inside the Payment Card Industry Data Security Standard (PCI DSS) and learn how to get compliant for PCI Data Security Standards with information on requirements, audits and fines as well as what's news in the latest version, PCI DSS 3.2.
New & Notable
PCI Data Security Standard News
-
February 28, 2018
28
Feb'18
Visa reports EMV chip cards thwart fraud, but criminals adapting
Visa points to a 70% drop in fraud due to EMV chip cards, as consumers and merchants adopt the new payment card technology. But criminals are shifting their own focus to adapt.
-
September 06, 2017
06
Sep'17
Risk & Repeat: Payment card security a growing concern
In this week's Risk & Repeat podcast, SearchSecurity editors discuss new research from Verizon on payment card security and the effectiveness of PCI DSS compliance for enterprises.
-
September 01, 2017
01
Sep'17
Enterprise compliance with PCI DSS is up, says Verizon
News roundup: More than half of enterprises are in compliance with PCI DSS, according to a Verizon report. Plus, Turla is on the attack again with a new campaign, and more.
-
August 04, 2016
04
Aug'16
EMV cards, PIN pads vulnerable to man in the middle attacks
Researchers at Black Hat 2016 poked holes in chip and PIN security by demonstrating simple attacks that can intercept EMV card transaction data, including CVV codes and PINs.
PCI Data Security Standard Get Started
Bring yourself up to speed with our introductory content
-
What is included in the mPOS security standard from PCI SSC?
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help. Continue Reading
-
ingress filtering
Ingress filtering is a method used by enterprises and internet service providers (ISPs) to prevent suspicious traffic from entering a network. Continue Reading
-
Uncharted path to IT and compliance with Digital River's Dyann Bradbury
Bradbury chats with Marcus J. Ranum about her early interest in computers and her unexpected career path to head of global compliance for an e-commerce provider. Continue Reading
Evaluate PCI Data Security Standard Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Big data frameworks: Making their use in enterprises more secure
Many enterprises apply big data techniques to their security systems. But are these methods secure? Expert John Burke explains some of the efforts to secure big data analysis. Continue Reading
-
How does a PCI ISA help enterprise security and compliance?
Enterprise compliance can be a burden to manage, which is where a PCI ISA can be helpful. Expert Mike Chapple explains how a PCI Internal Security Assessor helps with security. Continue Reading
-
Do PCI compliance standards matter when merchants sell off-site?
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations can do this. Continue Reading
Manage PCI Data Security Standard
Learn to apply best practices and optimize your operations.
-
Can a PCI Internal Security Assessor validate level 1 merchants?
A PCI Internal Security Assessor might not be the best bet to validate the compliance of a level 1 service provider. Expert Matthew Pascucci explains why and the alternative. Continue Reading
-
Is mobile payment security regulated enough by PCI DSS?
PCI DSS is pretty specific about security, but does it do enough for mobile payment security? Expert Mike Chapple explains why he says yes. Continue Reading
-
What do merchants need to know about PCI tokenization guidelines?
New guidance from the PCI SSC includes some essential aspects of tokenization security and what merchants need to know about tokenization products. Continue Reading
Problem Solve PCI Data Security Standard Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
How can a distributed guessing attack obtain payment card data?
Attackers can gather payment card data by carrying out distributed guessing with a minimal amount of existing information. Expert Michael Cobb explains how this attack works. Continue Reading
-
What caused the ClixSense privacy breach that exposed user data?
A privacy breach at ClixSense led to user account details being put up for sale. Expert Michael Cobb explains how companies should be held accountable for their security practices. Continue Reading
-
How do man-in-the-middle attacks on PIN pads expose credit card data?
Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks. Continue Reading