Recent Updates RSS
The latest changes across PCI SSC resources and EMVCo specifications.
Hello and welcome to our podcast series, Coffee with the Council. I'm Andrew Jamieson, VP, Distinguished Standards Architect for the PCI Security Standards Council. And I'll be your host …
Hello and welcome to our podcast series, Coffee with the Council. I'm Andrew Jamieson, VP, Distinguished Standards Architect for the PCI Security Standards Council. And I'll be your host …
Events such as these should be accounted for in any service contract you sign with a software vendor. The Council requires that approved PA-QSAs carry appropriate liability insurance.
Revalidation Date: Annually, the software vendor is required to revalidate by completing Part 3b of the Attestation of Validation form, confirming that no changes have been made to the application …
The PCI Security Standards Council (PCI SSC) mission is to develop, maintain and build awareness around the standards and supporting programs. Additionally, the PCI SSC strives to ensure that implementing …
The Card Production Logical and Physical Security Requirements were published by PCI SSC in 2013, and are intended to provide manufacturers and producers of payment cards with a comprehensive resource …
No. PCI DSS sensitive authentication data (SAD) consists of full magnetic-stripe data, card verification codes or values, and PINs or PIN blocks. PCI DSS specifically prohibits storage of SAD after …
Yes. Assessors have two options when performing PCI DSS testing procedures; they can either: 1) test a representative sample of the population according to the assessor's defined sampling methodology, or …