The PCI Security Standards Council (PCI SSC) is often asked whether compliance certificates are acceptable to demonstrate an organization’s validation to the PCI Data Security Standard (PCI DSS).| PCI Perspectives
The PCI Security Standards Council (PCI SSC) is pleased to welcome its newest team member, Úna Dillon, Regional Director, Europe. As Regional Director, Úna serves as the primary liaison with European payment security stakeholders. In this role, she will drive awareness and growth of the Council with an emphasis on educating stakeholders on the importance of data security for payments and supporting the adoption of PCI SSC standards within the European region.| PCI Perspectives
Authentication and cryptography are two essential security controls that protect sensitive data and systems. Authentication helps verify who can access information, while cryptography protects data whether it is stored or transmitted over networks. Nearly every security measure depends on these two fundamental controls in some way. However, both authentication methods and cryptographic standards are constantly evolving, making it challenging for organizations to keep up with current best prac...| PCI Perspectives
We are pleased to welcome the newest organizations that have joined as Associate Participating Organizations of the PCI Security Standards Council (PCI SSC). These organizations play a crucial role in supporting the evolution of the PCI security standards and programs and promoting the implementation of PCI security standards worldwide to protect payment data. We look forward to their involvement with the Council as we help secure the future of payments.| PCI Perspectives
The countdown is on for this year’s North America Community Meeting! We’re thrilled to share an early look at some of the exceptional sessions coming your way in Fort Worth, Texas, September 16–18. Get ready for insights, innovation, and inspiration! This year promises expertly crafted sessions that are imperative to securing payments worldwide. Register now and secure your place at a PCI SSC North America Community Meeting!| PCI Perspectives
In this episode of Coffee with the Council, you’ll hear from this year’s Asia-Pacific Community Meeting keynote speaker, Sharon Gai.| blog.pcisecuritystandards.org
Welcome to the PCI Security Standards Council’s blog series, The AI Exchange: Innovators in Payment Security. This special, ongoing feature of our PCI Perspectives blog offers a resource for payment security industry stakeholders to exchange information about how they are adopting and implementing artificial intelligence (AI) into their organizations.| PCI Perspectives
We are excited to announce that the full agendas for the PCI SSC 2025 North America, Europe, and Asia-Pacific Community Meetings are now available!| blog.pcisecuritystandards.org
The PCI Security Standards Council is excited to announce an outstanding group of keynote speakers for its 2025 Community Meetings across North America, Europe, and Asia-Pacific. Each speaker brings a unique and technical perspective from their respective fields and offers valuable insights into the world of payment security.| PCI Perspectives
In this episode of Coffee with the Council, you’ll hear from this year’s Europe Community Meeting keynote speaker, Bernie Collins.| blog.pcisecuritystandards.org
From 10 July to 11 August, eligible PCI SSC stakeholders are invited to review and provide feedback on the draft PCI Secure Software Standard v2.0 during a 30-day request for comments (RFC) period.| PCI Perspectives
PCI SSC has released version 3.2 of the PCI Point-to-Point Encryption (P2PE) Standard. P2PE v3.2 is a minor revision of the standard, which expediently addresses stakeholder feedback while the Council continues to develop P2PE v4.0.| blog.pcisecuritystandards.org
In this Q&A with PCI Security Standards Council’s Director of Data Security Standards Lauren Holloway, we look at some of the key changes in the PCI DSS Self-Assessment Questionnaires (SAQs) for version 4 and what organizations using SAQs need to know.| blog.pcisecuritystandards.org
This episode of Coffee with the Council is brought to you by our podcast sponsor, Feroot. Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. Today, I am so excited to bring you a sneak peek interview with PCI SSC's North America Community Meeting Keynote Speaker, Reed Timmer.| PCI Perspectives
We are pleased to welcome the newest organizations that have joined as Associate Participating Organizations of the PCI Security Standards Council (PCI SSC). These organizations play a crucial role in supporting the evolution of the PCI security standards and programs and promoting the implementation of PCI security standards worldwide to protect payment data. We look forward to their involvement with the Council as we help secure the future of payments.| PCI Perspectives
Registration is now open for the PCI Security Standards Council’s 2025 Community Meetings! Register now and secure your experience filled with sessions led by industry experts, exciting keynotes, networking opportunities, and a vendor showcase you won’t forget.| PCI Perspectives
From 16 June to 18 July, eligible PCI SSC stakeholders are invited to review and provide feedback on the draft PCI Key Management Operations (KMO) v1.0 Standard during a 30-day request for comments (RFC) period.| blog.pcisecuritystandards.org
Take advantage of the great opportunities to elevate your brand presence and connect with potential buyers and industry leaders when you sponsor or exhibit at a 2025 PCI SSC Community Meeting!| PCI Perspectives
The PCI Security Standards Council (PCI SSC) has published a major revision to PCI PIN Transaction Security (PTS) Point-of-Interaction (POI) Modular Security Requirements from version 6.2 to version 7.0. The PCI PTS POI Modular Security Requirements document enhances security controls to defend against physical tampering and the insertion of malware that can compromise card data during payment transactions.| PCI Perspectives
A new infographic and related FAQ have just been published to address stakeholder requests for guidance and clarity around 1) identifying and risk-ranking vulnerabilities, and 2) resolving or addressing vulnerabilities in PCI Data Security Standard (PCI DSS) Requirements 6 and 11.| blog.pcisecuritystandards.org
This episode of Coffee with the Council is brought to you by our podcast sponsor, Feroot. Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. In today's episode, I'm excited to announce that the Council is launching a new Regional Engagement Board for India and South Asia. Regional Engagement Boards serve as advisors to PCI SSC on payment data security issues in specific geographies ...| PCI Perspectives
The PCI Security Standards Council (PCI SSC) announced that it has launched its own PIN Listing Program. This program brings an important security service listing to the community, representing another step in its mission to secure payments worldwide.| blog.pcisecuritystandards.org
In this episode of Coffee with the Council, we’ll hear from Megan Shamas, Chief Marketing Officer at the FIDO Alliance as she discusses a solution to reducing the world’s reliance on passwords with the Council’s own Andrew Jamieson, VP, Distinguished Standards Architect.| blog.pcisecuritystandards.org
Welcome Salesforce, a new Principal Participating Organization (PPO) at the PCI Security Standards Council!| blog.pcisecuritystandards.org
Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Director of Communications and Public Relations for the PCI Security Standards Council. As many of our listeners are aware, we are quickly approaching the deadline to adopt the future-dated requirements of PCI DSS version 4.0.1 on March 31st, 2025. Over the course of the last year, the Council has received feedback that more guidance was needed to properly implement some of the e-commerce security requirements in the s...| PCI Perspectives
After nearly 15 years at PCI Security Standards Council (PCI SSC), Jeremy King, Regional VP, EMEA, retires this month. In this blog, we interviewed Jeremy about his career at the Council and in the payments industry, the most rewarding aspects of his career, and the most significant changes he has witnessed over time in securing payment data.| PCI Perspectives
The PCI Security Standards Council call for speakers is open for the 2025 Asia-Pacific Community Meeting.| blog.pcisecuritystandards.org
Artificial intelligence (AI) is transforming industries, and the PCI Security Standards Council (PCI SSC) has introduced new guidance to support the responsible use of AI in PCI assessments. The guidance provides a balance between leveraging the benefits of AI while maintaining the high standards of security that protect payment card data worldwide.| PCI Perspectives
The opportunity for your voice to be heard is here. Now is your chance to help transform the future of payment security by electing representatives to the 2025-2027 PCI SSC Board of Advisors during the election period, 17-28 March 2025.| PCI Perspectives
Welcome U.S. Bank, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, U.S. Bank’s VP PCI Program Management, Richard Mann, introduces us to his company and how they are helping to shape the future of payment security.| PCI Perspectives
The PCI Security Standards Council (PCI SSC) has introduced a new information supplement: “Payment Page Security and Preventing E-Skimming – Guidance for PCI DSS Requirements 6.4.3 and 11.6.1”. This document provides direction for merchants and service providers implementing controls to protect payment card data during e-commerce transactions.| PCI Perspectives
The PCI Security Standards Council (PCI SSC) is excited to announce the North America, and Europe Community Meeting Call for Speakers for in-person events.| blog.pcisecuritystandards.org
We are pleased to welcome the newest organizations that have joined as Associate Participating Organizations of the PCI Security Standards Council (PCI SSC). These organizations play a crucial role in supporting the evolution of the PCI security standards and programs and promoting the implementation of PCI security standards worldwide to protect payment data. We look forward to their involvement with the Council as we help secure the future of payments.| PCI Perspectives
The PCI Security Standards Council (PCI SSC) is pleased to announce the release of a Frequently Asked Question (FAQ), developed in direct response to industry requests for greater clarity on the new eligibility criteria for the recently revised Self-Assessment Questionnaire (SAQ) A.| blog.pcisecuritystandards.org
The PCI Security Standards Council (PCI SSC) is pleased to announce the launch of its new Vendor Portal Dashboard, a significant enhancement to its existing PCI Portal that simplifies program management and improves visibility for all vendors.| blog.pcisecuritystandards.org
From 6 February to 6 March, eligible PCI SSC stakeholders are invited to review and provide feedback on the draft PCI Point-to-Point Encryption (P2PE) v3.2 Standard during a 30-day request for comments (RFC) period.| blog.pcisecuritystandards.org
In response to stakeholder feedback regarding the complexity of implementing the new e-commerce security Requirements 6.4.3 and 11.6.1 in PCI Data Security Standard (PCI DSS) v4.0.1, the PCI Security Standards Council (PCI SSC) has announced important modifications for merchants validating to Self-Assessment Questionnaire A (SAQ A).| PCI Perspectives
Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. It is time once again to elect the Council's next Board of Advisors for the 2025 - 2027 term. Every two years, the Council invites its Principal and Associate Participating Organizations, as well as Affiliate Members to nominate and elect those companies who will serve as strategic leaders for the organization. Joining me today to talk all about...| PCI Perspectives
We heard your feedback – and we have made the PCI SSC Global Content Library more accessible than ever before!| PCI Perspectives
Welcome DataStealth, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, DataStealth’s CEO, Ed Leavens, introduces us to his company and how they are helping to shape the future of payment security.| PCI Perspectives
From 19 December to 29 January, eligible PCI SSC stakeholders are invited to review and provide feedback on the draft Secure Software Lifecycle (Secure SLC) Standard v2.0 during a 40-day request for comments (RFC) period.| PCI Perspectives
The PCI Security Standards Council (PCI SSC) has published version 1.1 of the PCI Mobile Payments on COTS (MPoC) Standard, designed to support the evolution of mobile payment acceptance solutions. PCI MPoC builds on the existing PCI Software-based PIN entry on COTS (SPoC) and PCI Contactless Payments on COTS (CPoC) Standards, addressing security requirements for solutions that enable merchants to accept cardholder PINs or contactless payments using a smartphone or other commercial off-the-she...| PCI Perspectives
Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. Recently, PCI SSC published a new information supplement called PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures. This document was produced by the 2023 Special Interest Group, also called a SIG, who spent a year collaborating on this project, which was led by the Council's own Kandyce Young, Manager of Data Security St...| PCI Perspectives
The PCI Security Standards Council (PCI SSC) is developing guidance to help stakeholders understand and implement the new e-commerce security requirements included in PCI Data Security Standard (PCI DSS) v4.x. Stakeholders have indicated that these requirements are complex for many entities to implement (including merchants validating to Self-Assessment Questionnaire (SAQ) A). To that end, the Council has engaged with industry experts to establish an E-commerce Guidance Task Force with the so...| PCI Perspectives
The PCI Security Standards Council (PCI SSC) is pleased to announce a simplified onboarding process for laboratories seeking to conduct Mobile Payments on COTS (MPoC) evaluations and become MPoC-certified labs. This new streamlined approach removes previous barriers to entry while maintaining the Council’s rigorous security and quality standards.| PCI Perspectives
Welcome Concentrix, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, Concentrix’s Global Vice President, Rishi Rajpal, introduces us to his company and how they are helping to shape the future of payment security.| PCI Perspectives
The excitement is building as we get closer to this year’s Asia-Pacific Community Meeting! To add to the anticipation, we’re giving you a sneak peek of some of the amazing sessions that will be featured in Hanoi, 20-21 November.| PCI Perspectives
Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. Today we'll meet one of the Council's newest employees, our Head of Product and Technology, Deanne Zettler. Deanne comes to the PCI SSC with more than 25 years of experience leading product and technology strategies, solutions and operations in financial services, including stops at Discover Financial Services and Silicon Valley Bank. Thank you ...| PCI Perspectives
From 1 October to 1 November, eligible PCI SSC stakeholders are invited to review and provide feedback on the draft PCI PIN Transaction Security (PTS) Point of Interaction (POI) Modular Security Requirements v7.0 during a 30-day request for comments (RFC) period.| PCI Perspectives
The PCI Security Standards Council (PCI SSC) has published a new Information Supplement: PCI DSS Scoping and Segmentation Guidance for Modern Network Architectures. This document was produced by the 2023 Special Interest Group (SIG), the members of which provided their extensive payment security expertise and technical knowledge around best practices, guidance, and real-world scenarios for applying PCI DSS scoping and segmentation techniques in a variety of modern network architectures.| PCI Perspectives
In a significant move, the PCI Security Standards Council (PCI SSC) has announced enhancements to its Point-to-Point Encryption (P2PE) Program for use with the currently published P2PE Standard v3.1, which provides the ability to validate and list P2PE solutions that cryptographically protect account data from the point where a merchant accepts a payment card to the secure point of decryption. This Program, which is intended for merchants, P2PE Assessor Companies, and vendors of P2PE Products...| PCI Perspectives
To address stakeholder feedback and questions received since PCI DSS v4.0 was published in March 2022, the PCI Security Standards Council (PCI SSC) has published a limited revision to the standard, PCI DSS v4.0.1. It includes corrections to formatting and typographical errors and clarifies the focus and intent of some of the requirements and guidance. There are no additional or deleted requirements in this revision.| blog.pcisecuritystandards.org
With 31 March 2024 rapidly approaching, here are some key questions, answers, and resources to help you successfully transition to PCI DSS v4.0.| blog.pcisecuritystandards.org
PCI SSC has identified eight steps to help your organization prepare for a successful transition to PCI DSS v4.0.| blog.pcisecuritystandards.org
PCI Security Standards Council publishes the PCI Data Security Standard v4.0- view resources for the Standard here.| blog.pcisecuritystandards.org
PCI SSC shares updates about what to expect when PCI DSS v4.0 is published.| blog.pcisecuritystandards.org
