Posts Tagged ‘pci dss’

PCI DSS: Which PCI SAQ is Right for My Business?

Organisations that fall within Levels 2–4 of the PCI DSS (Payment Card Industry Data Security Standard) can attest to compliance with an SAQ (self-assessment questionnaire). You will fall into one of those levels if your organisation processes fewer than six million card transactions per year. There are several types of questionnaire, and in this blog we help […]

Putting PCI-DSS in Perspective

Much attention and excitement within the security world has recently been focused on the lucrative surge in crypto-mining malware and hacks involving or targeting cryptocurrency implementations themselves. Yet the volume of ‘real world’ transactions for tangible goods and services currently paid for with cryptocurrency is still relatively niche in comparison to those that are being […]

The ultimate guide to PCI DSS compliance

Luke Irwin: If your business handles debit or credit card data, you’ve probably heard of the PCI DSS (Payment Card Industry Data Security Standard). It’s an information security framework designed to reduce payment card fraud by requiring organisations to implement technical and organisational defence measures. We explain everything you […]

NFC Flaws in POS Devices and ATMs

Now Rodriguez has built an Android app that allows his smartphone to mimic those credit card radio communications and exploit flaws in the NFC systems’ firmware. With a wave of his phone, he can exploit a variety of bugs to crash point-of-sale devices, hack them to collect and transmit credit card data, invisibly change the […]

5 Updates from PCI SSC That You Need to Know

As payment technologies evolve, so do the requirements for securing cardholder data. Source: Slideshows – Dark Reading. Related: PCI DSS: Looking Ahead to Version 4.0; 3 Primary Goals for PCI DSS Version 4.0; What is PCI DSS? | A Brief Summary of the Standard; How to Achieve PCI DSS Compliance on AWS […]

PCI Risk Assessment Tips Offered

Council Issues Guidelines to Address Security Shortcomings. In its just-released guidelines for ongoing risk assessments, the Payment Card Industry Security Standards Council notes three specific areas for improvement. The guidelines, which are intended for any organization that handles credit or debit card data, offer specific recommendations for risk assessments, such as how to create […]

Fallout from a PCI breach for merchants and consumers

There is a big misconception out there that PCI DSS compliance does not apply to us because we are a relatively small company. The fact is that PCI DSS must be met by all organizations that transmit, process or store payment card data. Business owners also want to know what the ROI on PCI compliance is. It […]

PCI DSS Law and State of Nevada

45 states followed California when it introduced “SB1386”, the Security Breach Information Act, which has specific and restrictive privacy breach reporting requirements. Similarly to SB1386, California, Massachusetts and Texas are already looking at making PCI DSS law, and history tells us that when California moves, everyone else follows! […]

Security controls and ISO 27002

Security breaches usually occur due to a lack of basic security controls, or to controls that have lost their effectiveness and relevance over time. Security controls also disintegrate over time due to a lack of maintenance and monitoring. According to a Privacy Rights Clearinghouse survey, the top three breaches resulted from laptop theft, software or human error, […]

PCI compliance is essential and why you have to

In this economic downturn, organized cybercrime is a booming underground business. Most security experts and the FBI agree that cybercrimes are on the rise and pose the biggest threat to vital US infrastructure. Cybercriminals are thieves in cyberspace who will swipe sensitive data and sell it to other criminals […]

PCI DSS Misconceptions and Facts

M1 – We are a relatively small company, so we don’t have to worry about PCI compliance
F1 – The PCI DSS must be met by all organizations that transmit, process or store payment card data
M2 – PCI DSS is either a regulation or a standard
F2 – It’s neither a standard nor a […]

PCI DSS significance and contractual agreement

The PCI DSS (Payment Card Industry Data Security Standard) was established by credit card companies to create a unified security standard for handling credit card information. The retail service industry now understands the strategic significance of PCI DSS compliance, which was demonstrated when TJX announced that their system was compromised for more than 17 […]