10 Dec

PCI Compliance Checklist


The Payment Card Information Data Security Standard is an industry standard for securing cardholder data around the world. Anyone processing, storing or transmitting cardholder data must adhere to it if they want to use cards from the major payment card brands who created and adopted the standard. The PCI DSS

26 Nov

Setting the Record Straight: Payment Tokenization vs. Data Security Tokenization

by Jacob Burcham EMVCo Payment Tokenization EMVCo is a consortium of major credit card brands dedicated to ensuring the interoperability and acceptance of secure payment card transactions. Europay, MasterCard, Visa, JCB, American Express, UnionPay and Discover work together to form standards and frameworks for the systems that support payment card transactions.

12 Nov

Assessing a Tokenization Environment

When performing audits, QSAs are expected to evaluate an entity’s processes for adhering to the Payment Card Industry Data Security Standards (PCI DSS). This can be a cumbersome, time-consuming task, and it requires a deep knowledge and understanding of various types of compliance strategies. Often, businesses choose to meet PCI requirements

12 Sep

Complying with the CCPA’s “Right to be Forgotten”

Complying with the CCPA’s “Right to be Forgotten” The recently passed California Consumer Privacy Act (CCPA) is still over a year away from its January 1, 2020, enforcement date, but organizations who do business in California are already preparing. California has long been the leader in the United States for

07 Aug

What the 2018 PCI DSS 3.2.1 Updates Mean for Your Organization

What the 2018 PCI DSS 3.2.1 Updates Mean for Your Organization The PCI Security Standards Council (SSC) introduced a few updates this year to the PCI DSS (PCI Data Security Standard). Although most of the updates are minor, there are issues that will impact how your organization achieves PCI compliance.