PCI Data Security Standard
Get inside the Payment Card Industry Data Security Standard (PCI DSS) and learn how to become compliant, with information on requirements, audits and fines, as well as what's new in the latest version, PCI DSS 3.2.
New & Notable
PCI Data Security Standard News
-
February 28, 2018
Visa reports EMV chip cards thwart fraud, but criminals adapting
Visa points to a 70% drop in fraud due to EMV chip cards, as consumers and merchants adopt the new payment card technology. But criminals are shifting their own focus to adapt.
-
September 06, 2017
Risk & Repeat: Payment card security a growing concern
In this week's Risk & Repeat podcast, SearchSecurity editors discuss new research from Verizon on payment card security and the effectiveness of PCI DSS compliance for enterprises.
-
September 01, 2017
Enterprise compliance with PCI DSS is up, says Verizon
News roundup: More than half of enterprises are in compliance with PCI DSS, according to a Verizon report. Plus, Turla is on the attack again with a new campaign, and more.
-
August 04, 2016
EMV cards, PIN pads vulnerable to man in the middle attacks
Researchers at Black Hat 2016 poked holes in chip and PIN security by demonstrating simple attacks that can intercept EMV card transaction data, including CVV codes and PINs.
PCI Data Security Standard Get Started
Bring yourself up to speed with our introductory content
-
tokenization
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
-
RFC 1918
Request for Comment 1918 (RFC 1918), “Address Allocation for Private Internets,” is the Internet Engineering Task Force (IETF) memorandum on methods of assigning private IP addresses on TCP/IP networks.
-
Format-preserving encryption use cases, benefits, alternative
With format-preserving encryption, a ciphertext's format is the same as its plaintext's. Read up on the benefits of this cryptography method, NIST FPE methods, vendors and more.
Evaluate PCI Data Security Standard Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Fighting PCI non-compliance could require new frameworks, zero trust
Falling PCI DSS compliance rates could force the PCI Security Standards Council to be more open to other regulatory frameworks and make enterprises aim higher in terms of data security. Could zero trust be part of the solution?
-
Explore this NGFW comparison of leading vendors on the market
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision.
-
How to select and implement a next-gen firewall
This buyer's guide examines next-generation firewalls and how to select the correct one for your organization based on comparison of product features.
Manage PCI Data Security Standard
Learn to apply best practices and optimize your operations.
-
5 PCI DSS best practices to improve compliance
Increased rates of PCI noncompliance are worth examining, as are PCI DSS best practices and tips for small and medium-sized companies. Read more in-depth compliance coverage here.
-
How PCI DSS compliance milestones can be a GDPR measuring stick
Constantly evolving regulations can cause confusion for security officers, but sometimes, there is process overlap. Here's how achieving compliance with PCI DSS can help meet GDPR mandates.
-
Key steps to put your zero-trust security plan into action
There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company.
Problem Solve PCI Data Security Standard Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
How can a distributed guessing attack obtain payment card data?
Attackers can gather payment card data by carrying out distributed guessing with a minimal amount of existing information. Expert Michael Cobb explains how this attack works.
-
What caused the ClixSense privacy breach that exposed user data?
A privacy breach at ClixSense led to user account details being put up for sale. Expert Michael Cobb explains how companies should be held accountable for their security practices.
-
How do man-in-the-middle attacks on PIN pads expose credit card data?
Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can mitigate these attacks.