PCI Security

New validation programs are being developed to support the PCI Software Security Standards. Together, these standards and programs provide payment software vendors with the PCI Software Security Framework for designing, developing and maintaining modern payment software. ... read more

What do stakeholders need to know about PCI Security Standards in 2019? PCI SSC Chief Technology Officer Troy Leach provides an update on what to expect for changes to existing standards and a look at those in development this year.   ... read more

PCI SSC is in the process of launching a new program to train and qualify security professionals to perform assessments using the Card Production Security Standards. Gill Woodcock, Senior Director of Certification Programs, provides an update on this effort and how it will improve the security ... read more

A little more than a year into his role as Executive Director, Lance Johnson provides an update on where the PCI Security Standards Council (PCI SSC) started and where it’s headed, including a strategic look at top priorities and what stakeholders can expect in 2019, and ... read more

In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment security experts, merchant groups and small merchant advocates, to create educational material and suggested next steps to assess risk within a small business environment.  ... read more

PCI SSC has begun efforts on PCI Data Security Standard version 4.0 (PCI DSS v4.0). Here we provide more insight into the development process and how PCI SSC is looking at changing the standard to support businesses around the world in their efforts to safeguard payment ... read more

Associate Regional Director for India, Nitin Bhatnagar, provides an update on PCI SSC efforts in the region ahead of the first ever PCI India Forum, taking place on 13 March in Delhi. ... read more

In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment security experts, merchant groups and small merchant advocates, to create educational material and suggested next steps to assess risk within a small business environment.  ... read more

  From 26 Feb to 26 March, PCI SSC stakeholders can participate in a Request for Comments (RFC) on the draft PCI SPoC Magnetic Stripe Reader (MSR) Annex. RFC periods are avenues for PCI SSC stakeholders to provide feedback on existing and new PCI Security Standards. ... read more

  PCI SSC is now accepting applications for the Qualified PIN Assessor (QPA) Program.  ... read more

  Request for Comments (RFC) periods are avenues for PCI SSC stakeholders to provide feedback on existing and new PCI Security Standards. This feedback plays a critical role in the ongoing maintenance and development of these resources for the payment card industry. ... read more

In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment security experts, merchant groups and small merchant advocates, to create educational material and suggested next steps to assess risk within a small business environment.  ... read more

  PCI SSC continually seeks to increase the baseline standard of quality within the assessor community; one key indicator (among many) is the quality of resulting PCI Data Security Standard (PCI DSS) assessments. Recently, the notion of lead Qualified Security Assessor (QSA) rotation has been raised ... read more

  The Council just published Information Supplement: Best Practices for Maintaining PCI DSS Compliance, which provides updated guidance and practical recommendations for dealing with the challenges associated with maintaining PCI DSS compliance.   ... read more

In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment security experts, merchant groups and small merchant advocates, to create educational material and suggested next steps to assess risk within a small business environment.  ... read more