TulipTools Internet Business Owners and Online Sellers Community

TulipTools Internet Business Owners and Online Sellers Community > Ecommerce > Ecommerce > Merchant Accounts > Update to Payment Card Industry (PCI) Data Security Standard due this summer
Full Version: Update to Payment Card Industry (PCI) Data Security Standard due this summer
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

mandy

05-16-2006, 09:58 AM
Quote:Proposed new security rules for credit card-accepting businesses will put more scrutiny on software, but let them off the hook on encryption...

The proposed update includes a requirement to, by mid-2008, scan payment software for vulnerabilities, Maxwell said in a presentation at a security conference hosted by vulnerability management specialist Qualys. Currently, merchants are required to validate only that there are no security holes in their network. "There is an increase in application level attacks," Maxwell said.

While security stands to benefit from a broader vulnerability scan, another proposed change to the security rules may hurt security of consumer data, critics said. The new version of PCI will offer merchants more alternatives to encryption as a way to secure consumer data...

In response, changes to PCI will let companies replace encryption with other types of security technology, such as additional firewalls and access controls,..

full article: http://news.com.com/Credit+card+security...g=nefd.top

Kristijntje

07-23-2006, 09:41 AM
Update: Visa announces changes to PCI standards.

Quote: Visa U.S.A. is shifting higher-volume merchants across all channels into a more rigorous compliance validation category for the Payment Card Industry Data Security Standard, the association announced today...

The most significant change in the validation categories involves the Level 2 merchant category, which previously applied to merchants processing between 150,000 and 6 million e-commerce transactions per year. That level now has been broadened to include any merchant processing between 1 million and 6 million transactions annually, regardless of the channel...

full article: http://www.internetretailer.com/dailyNews.asp?id=19297

more information on PCI Compliance: www.visa.com/cisp

jezebel

07-24-2006, 10:44 PM
CISP compliance is a pain in theĀ  Bootyshake

bargainbloodhound

08-13-2006, 01:53 AM
[quote author=jezebel link=topic=3765.msg18568#msg18568 date=1153781078]
CISP compliance is a pain in theĀ  Bootyshake
[/quote]

That's probably why most merchants have yet to comply with it.
TulipTools Internet Business Owners and Online Sellers Community > Ecommerce > Ecommerce > Merchant Accounts > Update to Payment Card Industry (PCI) Data Security Standard due this summer