On New PCI Point-to-Point Encryption Solution Requirements
October 10, 2011 | POSTED BY DOMINIC SCHULTE IN COMPLIANCE, PCI
In case you missed it, the PCI Security Standards Council (SSC) published the initial release of the much anticipated Point-to-Point Encryption Solution (P2PE) Requirements document last month. Many of you are probably asking, "Why do I care?" - a good ...READ MORE +
When are merchants required to use a PA-DSS validated POS (point-of-sale) application?
September 21, 2011 | POSTED BY MICHAEL OGLESBY IN COMPLIANCE, PCI
In True's experience as a QSA advising merchants with PCI compliance, one point of confusion seems to always surface ? when are merchants required to use a Payment Application Data Security Standard (PA-DSS) validated POS application?
First, it is impo...READ MORE +
PCI SSC Releases Tokenization Guidelines
September 21, 2011 | POSTED BY JERALD DAWKINS IN COMPLIANCE, PCI
Today, the PCI SSC finally released tokenization guidelines. Nothing too surprising in the guidelines, but they did bring up several interesting points. One of my favorites is:
"When evaluating a tokenization system, it is important to consider all ele...READ MORE +