HostedPCI – News

Target Release Date set

,
The PCI council has been working hard to update and deliver a new version of the PCI DSS standard. Currently, the target date for the PCI DSS v4.0 release is estimated to be March 2022. This revision will be requesting for industry professionals to review and provide feedback about the draft before the final version is released in March.

8 Digit BIN implementation

,
The PCI Software-Based PIN Entry on COTS (SPoC) Standard provides requirements for developing secure solutions that enable EMV contact and contactless transactions with PIN entry on the merchant’s consumer device using a secure PIN entry application in combination with a Secure Card Reader for PIN (SCRP).

security requirements for PIN Entry

,
The PCI Software-Based PIN Entry on COTS (SPoC) Standard provides requirements for developing secure solutions that enable EMV contact and contactless transactions with PIN entry on the merchant’s consumer device using a secure PIN entry application in combination with a Secure Card Reader for PIN (SCRP).

Payment security for small businesses

,
Payment Card Industry Security Standards Council (PCI SSC) has introduced a new payment security tool for small businesses. The payment security tool will protect the card data of PCI SSC customers.

5 updates from PCI SSC you need to know

,
The PCI P2PE standard has for sometime governed security requirements for technologies and services that organizations use for end-to-end encryption of cardholder data. The goal is to ensure that no sensitive cardholder data passes in unencrypted form through a merchant's point of sale system.

PCI issues new standards for contactless payments

,
The PCI Security Standards Council published a new data security standard that will let merchants accept contactless payments using commercial off-the-shelf mobile devices, like smartphones and tablets that utilize near field communications.…

Network Segmentation

,
Earlier this month the PCI SSC released a memo referring to their network segmentation guidelines, while network segmentation is not part of PCI scope, it seems that most breaches happen from systems that were deemed not in scope, and companies were unaware that their data was even being accessed by these systems.