PCI

tripwire

Strong Customer Authentication: A Vehicle for PCI-DSS Compliance

Payment services that operate electronically should adopt technologies that guarantees the safe authentication of the user and reduces, to the maximum extent possible, the risk of fraud. In order to achieve this, the European Union in 2007 passed the Payment Services Directive (PSD). The aim of this legislation is to regulate payment services and payment service providers throughout the European Union (EU) and European Economic Area (EEA).

reciprocity

Which PCI SAQ Do I Need?

PCI DSS Self-Assessment Questionnaires (SAQs) are tools provided by the PCI Security Standards Council (PCI SSC) to help payment-card-processing merchants and service providers measure their own PCI compliance Payment Card Industry Data Security Standard (PCI DSS) Self-Assessment Questionnaires (SAQs). Which of the nine Payment Card Industry Data Security Standard (PCI DSS) Self-Assessment Questionnaires (SAQs) your organization needs to fill out and submit depends on several factors.

Meeting PCI DSS Network Security Requirements in Kubernetes Environments

Compliance standards such as PCI DSS have assumed that traditional characteristics and behaviors of the development and delivery model would continue to be constant going forward. With the Container/Kubernetes revolution, that set of assumptions is no longer entirely correct. Attend this webinar and learn about what’s changed, how those changes weaken your compliance and control environment, and what you can do to adjust to the new reality.
reciprocity

PCI DSS: Testing Controls and Gathering Evidence

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is not easy to achieve. Quite the opposite, in fact: A 2017 Verizon report stated that 80 percent of companies fail their PCI DSS assessments, and only 29 percent of those that pass are still compliant after one year. PCI DSS compliance, like information security as a whole, is not a one-and-done process but ongoing. To succeed, your enterprise must be vigilant.

reciprocity

Understanding the PCI Levels of Compliance

While every merchant and service provider that processes, stores, or transmits credit card data must comply with the Payment Card Industry Data Security Standard (PCI DSS), not all must travel the same path to PCI compliance. The amount of risk an organization faces depends on a variety of factors. Recognizing these differences, the PCI Security Standards Council developed four compliance levels for merchants and two for service providers.

reciprocity

How To Minimize The Scope of Your PCI DSS Audit

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) and its 281 directives can be a time-consuming hassle. Fortunately, there are ways to minimize your PCI DSS scope, saving time and resources for your organization and auditor, and ratcheting down your stress levels. Larger organizations—those processing more than 1 million credit-card transactions annually—may need two years to reach initial PCI DSS compliance.