PCI council launches certification program for IT staff
The organization responsible for administering the Payment Card Industry Data Security Standard (PCI DSS) has launched a new program to help enterprises conduct self-assessments of their compliance...
View ArticlePCI security group speaks out on encryption
The organization in charge of defining security for the payment-card industry's merchants and service providers Tuesday issued two guidance papers, the first on end-to-end encryption and the second on...
View ArticleCisco beefs up Wi-Fi mobile payment security
Cisco is beefing up wireless transaction security with new software features for its Wi-Fi access points. The vendor says the changes add needed protection over and above that mandated by the Payment...
View ArticleEnterprises get new guidance on PCI compliance in virtual environments
Enterprises got some much needed clarification on the implementation of PCI requirements in virtualized environments on Tuesday.
View ArticlePCI Council says mobile payment apps can meet security standard
The PCI Security Standards Council has released its long-awaited guidance on how mobile payment acceptance applications can meet PCI standards.
View ArticlePCI point-to-point encryption guidelines raise new questions
The PCI Security Standards Council today is expected to issue guidelines on use of point-to-point encryption in protecting sensitive payment card data, but the narrow approach — which is focused on...
View ArticleMerchants urged to avoid BYOD gear, jailbroken smartphones/tablets for...
Businesses that want to make use of consumer-grade smartphones and tablets as a point-of-sale device to process payment cards are being advised to only do so when appropriate encryption controls and...
View ArticlePayment card industry gets updated security standard with new requirements
The PCI Security Standards Council released version 3.0 of the PCI Data Security Standard (PCI DSS) and corresponding Payment Application Data Security Standard (PA-DSS), adding new security...
View ArticleUS lawmakers call for data protection standards to avoid breaches
The U.S. Congress should mandate that banks, retailers and payment card processors adopt new security standards to protect against widespread data breaches, some lawmakers said Wednesday.
View ArticleRetailers urged to defend against 'Backoff' point-of-sale malware
A payment card industry security consortium warned retailers on Wednesday of the urgency to secure their systems against "Backoff," a malicious software program that steals card numbers.
View ArticleWhy hackers may be stealing your credit card numbers for years
While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems, a major worry.
View ArticleShellshock flaw could pose risks to payments industry
The "Shellshock" flaw has the potential to pose a risk to the payments industry, but doesn't appear to have caused any problems yet, an official with a consortium run by major credit card companies...
View ArticlePCI Council looks for ways to stem data breaches after bad year
A consortium that develops guidelines for protecting payment card data is hoping that emerging security technologies will help prevent breaches that made this year one of the worst ever on the security...
View ArticleGroups to push for encryption, secure payments at White House cyber summit
The White House heads west to Silicon Valley on Friday looking for ideas on how to improve the nation's cybersecurity, and members of President Barack Obama's administration are likely to get an earful.
View Article