In an exclusive interview, Russo says the new update includes some clarifications and guidance that will create greater flexibility for merchants -- but no new requirements.
The long-anticipated new version of the Payment Card Industry Data Security Standard includes no new requirements - just clarifications and new guidance on existing components.
Interview with Adrian Davis of the Information Security Forum
In terms of payments, privacy and third-party relationships, U.S. security leaders have much to learn from - and share with - their peers in the U.K. and elsewhere in the world.
This is the perspective of Adrian Davis, a senior research consultant...
This white paper details how Tripwire IT security and compliance automation solutions help keep the IT infrastructure in a continuously PCI-compliant - and secure-state.
Tripwire Enterprise does this with a compliance policy for PCI, file integrity monitoring, real-time analysis of change and easy access to...
It has now been one year since the Heartland Payments System breach was made public. What lessons have been learned and what more needs to be done to improve the security of the payment industry?
We asked four information security experts for their take on Heartland: One year later.
A group of seven restaurants in Louisiana and Mississippi has filed a class action lawsuit against point-of-sale vendor Radiant Systems and its distributor Computer World.
The suit claims that hundreds of customers had their identities stolen because the restaurants were sold payments terminals that were not PCI-DSS...
Since the Heartland data breach was announced in January, there's been no shortage of discussion about the Payment Card Industry Data Security Standard(PCI DSS) and its requirements of merchants and payments processors.
But what about financial institutions?
Banks and credit unions store large amounts of...
Of all the compliance regulations, mandates and guidelines, you're most likely to encounter PCI. Any vendor, organization, entity, group, business, etc., that accepts and processes credit cards falls under the PCI requirements standard and is subject to its audit cycles.
PCI DSS covers a range of physical and...
What is the future of the Payment Card Industry Data Security Standard (PCI)?
In 2009, PCI was discussed in the context of the Heartland Payment Systems and RBS WorldPay data breaches - is the standard adequate, and what does compliance mean?
In 2010, the talk will be about the next-generation PCI standard - the...
Tokenization or end to end encryption - which solution will win the hearts of data protectors in the race to secure data?
A recent study conducted by PriceWaterhouseCoopers on behalf of the Payment Card Industry Security Standards Council shows that end to end encryption and tokenization are the top choices for...
The next version of the Payment Card Industry Data Security Standard (PCI DSS), due out some time in 2010, may include guidelines for the use of virtualization technology to protect card data.
This was the prediction of some industry leaders meeting at the Payment Card Industry's Security Standards Council...
Emerging technologies are the hottest topics of discussion within the PCI Security Standards Council community meeting in Las Vegas this week.
The question, says David Taylor, founder of the PCI Knowledge Base, a PCI research firm, is 'How will PCI's security standards council embrace end-to-end encryption,...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.