The White House heads west to Silicon Valley on Friday looking for ideas on how to improve the nation's cybersecurity, and members of President Barack Obama's administration are likely to get an earful.
A consortium that develops guidelines for protecting payment card data is hoping that emerging security technologies will help prevent breaches that made this year one of the worst ever on the security front.
The "Shellshock" flaw has the potential to pose a risk to the payments industry, but doesn't appear to have caused any problems yet, an official with a consortium run by major credit card companies warned on Tuesday.
While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems, a major worry.
The growing number of data breaches resulting in massive numbers of payment cards being stolen from retail stores and other businesses is occurring because they're failing to keep up with the Payment Card Industry's data security standard, according to the PCI Security Standards Council.
A payment card industry security consortium warned retailers on Wednesday of the urgency to secure their systems against "Backoff," a malicious software program that steals card numbers.
When Microsoft stops supporting Windows XP next month businesses that have to comply with payment card industry (PCI) data security standards as well as health care and financial standards may find themselves out of compliance unless they call in some creative fixes, experts say.
The U.S. Congress should mandate that banks, retailers and payment card processors adopt new security standards to protect against widespread data breaches, some lawmakers said Wednesday.
The PCI Security Standards Council released version 3.0 of the PCI Data Security Standard (PCI DSS) and corresponding Payment Application Data Security Standard (PA-DSS), adding new security requirements and guidance for payment-card industry organizations, including merchants, payment processors, financial institutions and service providers.
Businesses that want to make use of consumer-grade smartphones and tablets as a point-of-sale device to process payment cards are being advised to only do so when appropriate encryption controls and other security measures are in place.
Can you hold Payment Card Information (PCI) data in a cloud-based service? Yes, but doing so isn't straightforward, so the PCI Security Standards Council has published a guideline that clarifies what approaches compliance-minded businesses can take.
The Payment Card Industry (PCI) Security Standards Council today issued guidelines on how businesses storing, processing or transmitting payment-card information should look at doing an annual risk assessment.
The PCI Security Standards Council today is expected to issue guidelines on use of point-to-point encryption in protecting sensitive payment card data, but the narrow approach — which is focused on hardware — is raising questions.
Enterprises got some much needed clarification on the implementation of PCI requirements in virtualized environments on Tuesday.
The organization in charge of defining security for the payment-card industry's merchants and service providers Tuesday issued two guidance papers, the first on end-to-end encryption and the second on payment card technology used more commonly in Europe than the United States.