PCI compliance News
April 15, 2015
PCI DSS 3.1 grants merchants about 14 months to nix flawed SSL and TLS protocols, but demands they quickly provide detailed new documentation on how they plan to make the transition.
February 10, 2015
Visa and MasterCard are putting pressure on merchants to implement Chip and PIN technology, and while it will improve transaction security, it won't make PCI compliance any easier.
December 30, 2014
As PCI DSS 3.0 becomes mandatory on Jan. 1, QSAs say struggling merchants will find that a continuous approach to PCI compliance eases the long-term compliance burden.
November 12, 2014
Pain points related to finding indicators of compromise in system logs and CDE outsourcing have led to a pair of new PCI special interest groups that will begin work next year.
PCI compliance Get Started
Bring yourself up to speed with our introductory content
A PCI gap assessment is the identification, analysis and documentation of areas of non-compliance with the Payment Card Industry Data Security Standard (PCI DSS). PCI gap assessment is the first step for a merchant seeking to become PCI ... Continue Reading
Merchant levels are used by the payment card industry (PCI) to determine risk levels and determine the appropriate level of security for their businesses. Specifically, merchant levels determine the amount of assessment and security validation that ... Continue Reading
Organizations need to review the PCI DSS 3.0 requirements and prepare for the mandatory changes coming in June 2015. Expert Mike Chapple explains how to prepare for the deadline. Continue Reading
Evaluate PCI compliance Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
PCI DSS version 3.1 includes some minor updates that are far less prominent than the SSL/early TLS changes, but are equally as important. Here's a look at vulnerability scanning and POS device security changes. Continue Reading
The early arrival of PCI DSS 3.1 could leave organizations scrambling. The biggest change to the standard -- and the top priority for organizations -- is the end of SSL and early TLS. Continue Reading
New compliance requirements under PCI DSS version 3.0 strive to make cardholder data security part of companies' everyday business processes. Continue Reading
Manage PCI compliance
Learn to apply best practices and optimize your operations.
A new PCI Special Interest Group document gives advice to enterprises on staying PCI DSS compliant after audits. Expert Mike Chapple highlights the key takeaways. Continue Reading
In this video, Vantiv CSO Kim Jones discusses why a lack of hard data makes some iterations of intelligence-driven security not so intelligent. Continue Reading
The Target data breach has led legislators to reexamine retailers' data security processes. Will it lead to new consumer protection measures? Continue Reading
Problem Solve PCI compliance Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
In this Q&A, learn how increasingly sophisticated cyberthreats should influence organizations' information protection and PCI security strategy. Continue Reading
In this tip, learn how the proliferation of mobile devices in the workplace forces companies to reexamine their regulatory compliance processes. Continue Reading
Expert Mike Chapple details the PCI SSC's third-party processor rules and how to outsource card processing and stay PCI DSS compliant. Continue Reading