July 8, 2020 •
There is a fine line being walked in the merchant acquiring and payments space. As both the primary players and the smaller providers know, merchants’ security threat landscape continues to shift and expand at a rapid pace. Guiding merchants down the path of implementing security protocols to protect the merchant, and mitigating breach risk for the processor, can be challenging. We see acquirers meeting this challenge through what I call a “scalpel approach.”
Payment Security • PCI Compliance • Risk Management
March 12, 2020 •
After leaving the March 2-5 conference, I ate lunch at an open seating restaurant at the airport. Over lunch I educated two people on the latest Intelligence on credit card security and fraud, armed with new stats and insights I’d picked up at the MAC Level Up conference. This was proof positive that MAC delivers as it relates to educational content and relevance. In this post, I will share my biggest takeaways from the conference.
October 10, 2019 •
As of last week—October 1 to be exact—all new assessments for protection of payment card personal identification number (PIN) data must be performed against the latest Payment Card Industry (PCI) PIN Security Requirements and Testing Procedures, version 3.0. The now-effective PCI PIN Security Standard includes changes to requirements and sunset dates that may have a […]
Encryption • Payment Security • PCI Compliance
August 13, 2019 •
A new exploit known as e-commerce skimming is making the rounds. The PCI SSC recently released a blog warning of the growing threat of digital skimming, followed immediately by a bulletin from Visa warning of the same. There are three important areas to consider that will help protect your website from e-commerce skimming.
Coronavirus • Payment Security • Website Security
March 20, 2019 •
Counterfeit payment cards, stolen payment cards, use of an assumed identity to complete a credit card application… these are easily-recognizable examples of payment card fraud. When a fraud incident occurs in the retail setting, it’s often contained with only small losses occurring to the merchant involved. But what happens when a payment card data breach occurs at that same business? Are its causes and consequences basically the same?
Payment Security • Point of Sale
December 19, 2018 •
Recently I sat down with CSP Magazine technology writer Jackson Lewis to talk about the technology “arms race” retailers and law enforcement are in with skimming criminals. We refer to it as such because, like every other area of cybersecurity, there is a continual one-upping of technology going on between the good guys and the bad guys. When it comes to fuel pump skimmers, however, there may be an end in sight…
Encryption • Payment Security • Point of Sale
July 16, 2018 •
Merchant service providers implement PCI compliance programs to lessen the likelihood of a data breach happening among the merchants within their portfolios. These programs help raise awareness of, and compliance with, the Payment Card Industry Data Security Standard (PCI DSS).But compliance is no small task, and applying the PCI DSS principals across a portfolio of tens (or even hundreds) of thousands of merchants can be daunting. That’s why I’m here at ControlScan: It’s my job to ensure our partners achieve measurable PCI compliance program success.
Payment Security • PCI Compliance