HostedPCI – Blogs

3D Secure 2.0 Exemptions

,
The 3D-Secure 2.0 process has been on every merchant’s mind lately as the deadline for compliance is fast approaching. While the general protocols regarding 3D Secure 2.0 are fairly straightforward there is some confusion regarding the exemptions which have been released along with the 3D-Secure mandate. There are three main categories for requesting an exemption to the Secure Customer Authentication (SCA) flow.

How can 3DS 2.0 Help your Business

,
Back in 2018, Europe announced changes that would be coming to the e-commerce, card-not-present payment space. This change was referred to as Secure Customer Authentication (SCA) which described a multi-factor authentication process for all customer-initiated transactions that took place online. As this mandate developed we began to see a new 3D Secure process evolve in order to fill this new protocol.

purpose of Credentials on File

,
While credentials on file made its first appearance in 2018 in the Canadian market through Visa it was not adopted throughout the rest of the world or issuers until now. Over the last year, online merchants across Europe have seen an increase in security surrounding customer privacy. This focus has led to new changes within the payment industry, by implementing what is now known as Secure Customer Authentication.

What is Data Residency? Why is it necessary?

,
Over the last decade, our society has seen an increase in online organizations selling goods and services to consumers around the globe. Shopping online has become the new normal especially now with everyone working from home and being advised to remain at home with their families to prevent the spread of COVID-19....

Security of Customer’s Cardholder Data

,
COVID-19 has forced a lot of businesses big or small to rethink about the ways they interact with their customers. The brick and mortar retailers who had limited or no online presence are the most affected by this pandemic since they can no longer support....

Maintain PCI compliance from call centre

,
COVID-19 has rapidly changed a lot of things around the world. Nobody could have fathomed or prepared to deal with a pandemic of this size. Working from home has become the new normal for a lot of individuals and organizations which has come....

HostedPCI is Now on the AppExchange

,
HostedPCI is now on the AppExchange, making it easier for companies that use Salesforce for their CRM can reduce their PCI scope without compromising customer experience. HostedPCI offers 2 main services within the Salesforce APP, our iFrame for eCommerce companies and our IVR for call center companies.

Why Change the TLS Migration Date?

,
It has been known for a while that SSL/TLS had vulnerabilities, however when POODLE first became known the PCI SSC jumped quickly to release the PCI DSS version 3.1, which stated that organizations had to migrate to TLS 1.1 or higher and disable any fallback to SSL/early TLS.

TLS for Android – News Article

,
For online merchants the new PCI standards may effect the usability of their shopping carts on Android phones. Earlier this year two attacks related to PCI compliance where discovered, they were Heartbleed and POODLE. While it had been discovered in the past that SSL and early TLS encryption were vulnerable to attacks, they were still allowed to be used with a downgrade – dance, if the highest level handshake with TLS 1.2 failed

PCI 3.1 : Why so Quick

,
PCI Security Standards Council was created in 2006 to protect organizations and their customers from fraud. PCI compliance is a nationwide standard that all organizations that collect, exchange and process must follow in order to be secure. Typically PCI compliance is updated once every three years. PCI 3.0 went in to full effect in Jan , 2015 so how come PCI 3.1 was rushed out so quickly?