The latest changes across all tracked PCI resources.
PFI Companies must adhere to the independence requirements of the PFI program as defined in the PFI Qualification Requirements and Program Guide. Whether a PFI Company can conduct a PFI …
Although Viviana Wesley always knew that she wanted a career in computers and technology, when she first started pursuing it, she realized her strengths were not in coding. But, through …
No. PCI DSS Requirement 4 prohibits the sending of unprotected primary account numbers (PANs) via end-user messaging technologies, whether sent internally or over public networks. E-mail, instant messaging, SMS, and …
The intent of the one primary function per server requirement (Requirement 2 of the PCI DSS) is to ensure that your organization’s system configuration standards and related processes address server …
PCI DSS Requirement 3 is not intended to apply to individual account statements sent by issuing banks to cardholders. Full PAN displays in individual account statements are not required to …
An inactive user account is one that has not been used in over 90 days. Inactive accounts are often targets for attackers since they are generally not monitored, and changes …
Yes, PCI DSS requirements are applicable if a Primary Account Number (PAN) is stored, processed, or transmitted on or by any media, including paper records. PCI DSS Requirement 9 specifically …
Yes, forms and images containing cardholder data are subject to PCI DSS. PCI DSS Requirement 3 requires that all cardholder data be rendered unreadable. It does not differentiate between how …
Yes. PCI DSS requirements apply wherever payment card account data is stored, processed, or transmitted. For example, PCI DSS Requirement 4 states that strong cryptography and security protocols must be …
For PCI DSS Requirement 4, digital leased lines are generally considered to be private since they are dedicated to the individual customer's traffic. This determination, however, is dependent upon the …
Yes, PCI DSS requirements are applicable if a Primary Account Number (PAN) is stored, processed, or transmitted on or by any media, including paper records. PCI DSS Requirement 9 specifically …
An inactive user account is one that has not been used in over 90 days. Inactive accounts are often targets for attackers since they are generally not monitored, and changes …
Welcome to our podcast series, Coffee with The Council. I'm Alicia Malone, senior manager of public relations for the PCI Security Standards Council. Today, we'll be giving a mid-year …
