PCI SCC says it is making changes to the Qualified Integrators and Resellers programme to reduce merchant risk by mitigating the leading causes of payment data breaches.
Consumers are now able to authenticate themselves with their credit and debit card issuers when buying online by using web browsers or via mobile applications using the new EMV® 3DS standard, designed to cut online card fraud.
New report from security company Trustwave illustrates a wave of crime looking to steal payment information from those in the hospitality, retail and food and beverage industries.
New PCI regulation will include a heavy focus on multi-factor authentic, people, processes and encryption
The PCI SSC has pushed back the date by which members must change to a secure version of TLS (currently 1.1 or higher); the migration is being revised today and pushed back from June 2016 to June 2018.
Retailers must migrate to PCI DSS v3.1 by June 2016 which means an overhaul in the way data is encrypted and transmitted, says Kevin Bocek.
This week's ICYMI column looks at the top stories on SC from the last week, from the breach blame game and Anonymous hackers to the discovery and patching of critical SSL and Magento flaws.
PCI DSS v3.1 has been announced in a bid to close known security vulnerabilities in SSL and some TLS protocols;14 month transition.
Verizon's fourth annual report into PCI DSS compliance finds that not a single breached company over the last decade has been fully compliant with PCI standards at the time of breach. However, there is at least light at the end of the tunnel.
Third Party IT services suppliers must reassess governance, risk management and compliance responsibilities.
Cambridge University researchers have revealed "serious" flaws in chip-and-pin payment card security that, almost two years after they first reported them, have still not been fully fixed by the banks.
The latest PCI update offers improvements to ensure security in online transactions, says Tim Lansdale, head of payment security, WorldPay. Tony Morbin reports.
European Payment Services (EPS) in Berkshire has become the first vendor to have its point-to-point encryption (P2PE) hardware certified under global security standards used to protect consumer card data.