Payment Card Industry Issues

COVID-19 has caused more employees to work remotely or at home, presenting cybersecurity challenges to organizations in the payments industry.  PCI Security Standards Council has issued best practices to secure and protect telephone based payment card data while working remotely. These best practices include:

  • Train staff.  Ensure any systems that remote workers use to process

I came across an insightful interview with Bob Russo, general manager of the Payment Card Industry Security Standards Council (the “Council”), that was conducted by cnet news. The interview can be found here and it is a strongly suggested read.

The Council was created by Visa, MasterCard, American Express, Discover, and JCB for the purpose of creating a unified compliance program for organizations accepting and processing payment card transactions. The Payment Card Industry Data Security Standard (the “Standard”), available here, was created by the Council to deter credit card fraud. Many view these efforts as an industry-wide effort to apply uniform security practices, which largely has been the effect.

All organizations that enter into a merchant processing agreement to accept credit and payment card transactions must comply with the Standard in some manner. While the reporting requirements may be less onerous for organizations accepting payments below some fixed amount, in any event all such organizations must comply.
 


Continue Reading Payment Card Industry (PCI) Standards Council Speaks

The Payment Card Industry Security Standards Council, which administers the PCI standards, has issued guidelines for applying its protocols to wireless technology. These Guidelines will help merchants incorporate wireless networking equipment without compromising data security. The Guidelines consist of nine requirements that provide guidance for testing and deploying wireless networks. Specifically, the Guidelines will help

Minnesota made waves in 2007 when it became the first state to make part the Payment Card Industry (“PCI”) Data Security Standard applicable to its Plastic Card Security Act. Although it has taken over two years, Nevada has become the second state to incorporate PCI and it has done so by making all of the PCI standard applicable.
Continue Reading Payment Card Industry Data Security Standard Comes to Nevada