5 min read
Why do some Issuers believe they don’t need to be PCI DSS compliant?
Documents from the PCI Council, MasterCard, and Visa clearly indicate that Issuers are required to be PCI DSS compliant (see Learn More below). Yet...
pci (3)
6 min read
6 Ways to Deal with the Magnitude of PCI DSS
Are you new to PCI DSS? Perhaps you need to refresh your approach? If so, this article breaks down 6 strategies that will help you eat the...
10 min read
How a $1200 Graphics Card Threatens Your PCI DSS Compliance and Security
Organizations subject to PCI DSS compliance validation spend significant amounts of time, effort, and money to maintain and validate their...
2 min read
Another Way 8-Digit Bins Complicate PCI Compliance: It's Not Just Data-at-Rest
The adoption of 8-digit BINs in 2022 has already created many transitional challenges for organizations needing access to the full BIN numbers (see...
6 min read
Visa 8-Digit BINs are Just Around the Corner and Many Questions Remain
If your business processes or stores the full-BIN, you need to know if you will be impacted by Visa's Numerics Initiative (i.e., the 8-Digit BIN...
4 min read
PINs, Passwords, and PCI
PINs, Passwords, and PCI What is the difference between Passwords and Passphrases, PINs, and other authentication factors under PCI DSS? Our team...
1 min read
How Microsoft Support Expiry can Affect Your PCI Compliance
Microsoft support offerings are designed to provide guidance for system administrators and managers. However, details of the Microsoft “Support...
What Is Sensitive Authentication Data in PCI Compliance?
Sensitive authentication data, aka SAD, in PCI compliance is data used by the issuers of cards to authorize transactions. Similar to cardholder...
1 min read
CDRThief New VoIP Linux Malware – Can Credit Card Skimmers be Far Behind?
Many organizations have either undergone or are planning migrations or acceleration of call centers, remote working, and online presence exploiting...