It has now been one year since the Heartland Payments System breach was made public. What lessons have been learned and what more needs to be done to improve the security of the payment industry?
We asked four information security experts for their take on Heartland: One year later.
A group of seven restaurants in Louisiana and Mississippi has filed a class action lawsuit against point-of-sale vendor Radiant Systems and its distributor Computer World.
The suit claims that hundreds of customers had their identities stolen because the restaurants were sold payments terminals that were not PCI-DSS...
Since the Heartland data breach was announced in January, there's been no shortage of discussion about the Payment Card Industry Data Security Standard(PCI DSS) and its requirements of merchants and payments processors.
But what about financial institutions?
Banks and credit unions store large amounts of...
I was stunned and saddened to learn of the sudden death of David Taylor, one of the most prominent thought-leaders on the Payment Card System Data Security Standard (PCI).
Of all the compliance regulations, mandates and guidelines, you're most likely to encounter PCI. Any vendor, organization, entity, group, business, etc., that accepts and processes credit cards falls under the PCI requirements standard and is subject to its audit cycles.
PCI DSS covers a range of physical and...
What is the future of the Payment Card Industry Data Security Standard (PCI)?
In 2009, PCI was discussed in the context of the Heartland Payment Systems and RBS WorldPay data breaches - is the standard adequate, and what does compliance mean?
In 2010, the talk will be about the next-generation PCI standard - the...
Tokenization or end to end encryption - which solution will win the hearts of data protectors in the race to secure data?
A recent study conducted by PriceWaterhouseCoopers on behalf of the Payment Card Industry Security Standards Council shows that end to end encryption and tokenization are the top choices for...
Since the announcement of the Heartland data breach in January, the merits of the Payment Card Industry Data Security Standard (PCI DSS) have been questioned, and Bob Russo has led the defense.
In an exclusive interview, Russo, general manager of the PCI Security Standards Council, discusses:
Why end-to-end...
The next version of the Payment Card Industry Data Security Standard (PCI DSS), due out some time in 2010, may include guidelines for the use of virtualization technology to protect card data.
This was the prediction of some industry leaders meeting at the Payment Card Industry's Security Standards Council...
Emerging technologies are the hottest topics of discussion within the PCI Security Standards Council community meeting in Las Vegas this week.
The question, says David Taylor, founder of the PCI Knowledge Base, a PCI research firm, is 'How will PCI's security standards council embrace end-to-end encryption,...
Credit and debit cards are everywhere. I use mine daily, and I suspect many functioning adults in the U.S. and beyond do as well. For me, convenience is a major factor in their use - instead of carrying around wads of cash, I can carry a single piece of plastic and use it to accomplish the same goal -- buy things. ...
It's been an interesting year for the Payment Card Industry Data Security Standard.
In the middle of it all is a debate among payment card companies, banking institutions, merchants, industry groups and even congressional leaders, questioning the merit of the standard and all hinting at the same open question: What...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
