The vision is that Card Not Present transactions will be increasingly deflected onto other payment channels, completely bypassing the use of card numbers at the website/call centre.
Overcoming the top five challenges businesses experience when securing their payments: Protecting data in-transit; Failing to test and audit systems; Managing chargebacks; Authenticating transactions; Physical security of data.
New PCI regulation will include a heavy focus on multi-factor authentic, people, processes and encryption
The PCI SSC has pushed back the date by which members must change to a secure version of TLS (currently 1.1 or higher); the migration is being revised today and pushed back from June 2016 to June 2018.
Verizon's fourth annual report into PCI DSS compliance finds that not a single breached company over the last decade has been fully compliant with PCI standards at the time of breach. However, there is at least light at the end of the tunnel.
Compliance with PCI DSS 3.0 is primarily about enforcing everyday security best practices, but Stuart Facey notes that secure third party access is a key part of that approach.
Malware around since last year, but only now visible to anti-virus security software.
PCI compliance was called a 'gold standard' and 'secure baseline' at a conference in London today, but not all believe that it does enough to guard against data breaches.
Use of tokens is one of the ways we might limit the amount of sensitive data linked to our cards suggests Tim Critchley.
Cambridge University researchers have revealed "serious" flaws in chip-and-pin payment card security that, almost two years after they first reported them, have still not been fully fixed by the banks.
PCI compliance is like meeting food safefy standards, explains Tim Lansdale, its there for the benefit of customers.
PCI DSS 3.0 may be on the horizon, but a new study suggests that companies are not only slow in updating, but also approaching compliance in the wrong way.
A new point of sale-based Trojan called ChewBacca has been used to steal payment card and personal customer data from dozens of retailers across 11 countries, according to RSA.
Internal network analysis security would have stopped this attack - Peter Wood, Firstbase CEO
The latest PCI update offers improvements to ensure security in online transactions, says Tim Lansdale, head of payment security, WorldPay. Tony Morbin reports.
In a special one-off case study linking our themes of PCI compliance and security spend, Random Storm technical director and co-founder Andrew Mason describes to SC a case study that tackles both issues with the aid of league tables.
Nearly 100,000 Staysure customers may have had their personal details compromised.
It's a New Year with a new editor and new team members on SC. Thanks for the warm welcome from everyone we've met and we'll be talking to more of you throughout the year.
European Payment Services (EPS) in Berkshire has become the first vendor to have its point-to-point encryption (P2PE) hardware certified under global security standards used to protect consumer card data.
A company is challenging costly penalties levied for non-compliance of Payment Card Industry (PCI) security standards, by suing the credit card company that imposed the fines.
The PCI Security Standards Council (PCI SSC) is looking for feedback on its payment industry guidelines and plans to roll out an online tool to make providing input easier.