Visa has excluded U.S. businesses from a worldwide program that encourages merchants to deploy more secure payment terminals, because of what it claims is the uncertainty surrounding new debit card rules.
The PCI Security Standards Council (PCI SSC), which oversees the PCI (Payment Card Industry) Data Security Standard that card-accepting retailers must follow, today announced that nominations for election to the 2011-2013 PCI SSC board of advisors are now being accepted
Amazon Web Services LLC AWS, a subsidiary of Amazon.com recently announced it has achieved Level 1 compliance with the Payment Card Industry PCI Data Security Standard DSS. Merchants and other service providers can now run their applications on AWS PCI-compliant technology infrastructure to store, process and transmit credit card information in the cloud. Customers can use AWS cloud infrastructure
Bob Russo, GM of the PCI Security Standards Council, says simply that PCI security standards are maturing “gracefully.”
In fact, Russo says the global payments community is pleased with the standards, which is why the council decided to make no significant changes this time around. The PCI Data Security Standard and the PCI Payment Application Data Security Standard have not changed significantly this year. But what the industry can expect in 2011 are clarifications and some new guidance regarding emerging technologies.
HyTrust, Cisco, VMware, Savvis and Coalfire Outline Configuration Guidelines to Meet the New Requirements Following Publication of New Payment Card Industry Data Security Standard
PCI is further redefining what a hardware terminal is: It’s supposed to take payments outside of the PCI card data environment so you don’t have to do any monitoring of them,” he says. “But we’ve seen outbreaks of tampering [of devices] to capture cardholder data … they are changing the definition, which could bring a lot of intelligent terminals collecting payments brought into [PCI]
This article is the first in a short series designed to help small businesses understand the regulations around securing credit card transactions, specifically the PCI DSS (Payment Card Industry’s Data Security Standard) requirements.
The Payment Card Industry’s Security Standards Council may be doing a good job helping lock down larger retailers, but the smaller “Mom and Pop” merchants are becoming the new targets of cyber criminals, says a PCI expert.
Merchants are most likely to remain compliant with the Payment Card Industry Data Security Standards and avoid data breaches if they adopt security as a “lifestyle,” according to a study released earlier this week by Verizon Business. Verizon Business provides audits and other PCI-related services.
Small business ecommerce site owners cannot afford to slack off when it comes to the Payment Card Industry Data Security Standard (PCI DSS). Its strict security requirements make being PCI compliant challenging for small retailers, but PCI DSS is a standard that all organizations must follow when storing, processing and transmitting its customer’s credit card data.
One of the easiest ways to be PCI-compliant is to outsource payment processing and work with a payment provider who has the experience, systems and security in place that meets the PCI DSS standard. By outsourcing PCI compliance you basically remove the PCI burden from your small business to a trusted provider.