Payment card industry updates security

The council that administers the data security standard for the payment card industry (PCI DSS) has published a list of approved point-to-point encryption (P2PE) systems.

Download this free guide

3 key web security guidelines from FS-ISAC

We address the ongoing issues regarding web security for businesses relying on an online presence. Download this e-guide and discover how to identify and address overlooked web security vulnerabilities as well as why you should look at the full security development lifecycle to reduce web threats.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

PCI DSS compliance is necessary for organisations that handle customer payment card data and specify how that information must be held and protected.

The list of approved P2PE systems was unveiled at the Payment Card Industry Security Standards Council (PCI SSC) Annual European Community Meeting in Nice, France.

The council views P3PE systems as a way for merchants to simplify their security programmes by removing clear-text cardholder data from the payment environment.

The meeting provided around 500 global stakeholders from 40 countries the last chance to give feedback on the coming version 3.0 of the PCI DSS to be published on 7 November.

The meeting also enabled the PCI DSS to update attendees on technology initiatives around mobile payment acceptance and tokenisation.

Attendees had the chance to interact with peers on challenges and lessons learned in case study presentations and hear proposals for suggested PCI Special Interest Group (SIG) projects in 2014.

From 4 to 15 November, PCI organisations will be able to vote for the SIG projects they would like the community to pursue in the year ahead.

“We are working to continue to develop global payment security standards that address today’s challenges and provide the framework for adapting our business practices to embrace emerging technologies and protect against changing threats,” said Jeremy King, European director, PCI SSC.