An essential component of protecting payment information is devaluing the data that is transmitted so it's of no use to hackers, says Lance Johnson, executive director of the PCI Standards Security Council.
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
As part of its ongoing push toward cashless payments, India is taking steps to ramp up the use of contactless payments, which are already becoming more common in Japan, South Korea, Australia, the U.K. and the U.S. What can be done to balance security vs. convenience?
Forty-three states have reached a settlement with Neiman Marcus over its 2013 data breach, one of several breaches from that period blamed on in-memory malware. The retailer will pay $1.5 million and must use encryption and tokenization to protect card data.
Although the Reserve Bank of India mandated that banks complete the shift from magnetic stripe debit and credit cards to EMV chip-and-PIN cards by Jan. 1 to help reduce fraud, there's still plenty of work to be done.
As new payment options continue to emerge via mobile phones and internet of things devices, the PCI Security Standards Council is broadening its security efforts, starting with a new standard for contactless payments coming early next year, says Troy Leach, PCI SSC's chief technology officer.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
New PCI requirements that go into effect June 30 are pushing payment card acquirers, processors, gateways and service providers worldwide to implement more secure encryption protocols for transactions. But are they ready?
As payment card fraud schemes continue to evolve, the PCI Security Standards Council has to recalibrate its standards and programs, says Troy Leach, the council's CTO, who describes three key updates.
Security experts analyze the potential impact of recently announced changes to the PCI Security Standards Council's Qualified Integrators and Resellers Program that are designed to help smaller merchants prevent breaches.
A new standard from the PCI Data Security Standards Council could help ease the way for smaller merchants worldwide, especially in developing nations, to move to cashless payments using a variety of devices, says Troy Leach, CTO for the council, who spoke last week at a conference in South Africa.
The PCI Security Standards Council is offering 40 percent lower fees for participating organizations in nations with lower-income economies. "We want to encourage countries in Africa and South Asia to get engaged with us," Jeremy King, international director at PCI SSC, tells ISMG in an exclusive interview.
The PCI Security Standards Council is creating a payments software framework, including two new standards that can evolve as the software rapidly changes, Troy Leach, the council's CTO, explains in this in-depth interview.
Global hotel chain Hilton has reached a $700,000 settlement agreement with New York and Vermont over two separate data breaches discovered in 2015 that exposed more than 360,000 payment card numbers.
Verizon has made a strong case for continual PCI DSS awareness with its new study of payment card data security. But like many vendors that conduct their own studies supporting their business cases, Verizon makes suspect logical stretches.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.
