Contents tagged with PCI Compliance

  • Security a major point of focus this holiday season

    October 29, 2014
    Black Friday is just around the corner.

    Halloween is Friday, which means by this time next week, we'll be well into November, Thanksgiving will only be a few weeks away and the holiday shopping season will be looming just around the corner. In fact, some organizations have already begun holiday-themed displays, but of course the season's unofficial kickoff doesn't commence until Black Friday, which is only four short weeks away. This year industry experts predict a gigantic shopping season, which puts pressure on retailers to keep up with increased traffic while maintaining the security of customer data.

    It was only last year when Target was hit hard right at the apex of the holiday shopping season — an incident that resulted in a PR nightmare the company is still trying to overcome. What followed was what can only be … more

  • Hacking incidents put pressure on small businesses to become PCI compliant

    October 10, 2014
    PCI compliance is a major issue at organizations of all sizes, but many small businesses don't seem to understand the risks associated with fraud.

    Most of the security breaches that have made headlines over the course of the past year have involved major corporations in either retail or banking. Target and Home Depot have fallen victim to highly publicized incidents in the past 12 months, and most recently the JP Morgan/Chase breach may have affected 76 million households. But due to the organization's dealing with small businesses, roughly 7 million small business owners may also be at risk.

    Small business owners often feel as if they aren't susceptible to security breaches due to their "unattractiveness" in the eyes of fraudsters. This is not the case. In fact, small businesses are often even more vulnerable to fraudulent activity, and according to the National Small Business Association, as many as 44 percent of all small … more

  • Business cite several reasons for upgrading POS systems

    July 24, 2014
    Companies cited several different reasons why they upgraded their POS system.

    More organizations are looking at their POS systems in a new way. The ever evolving technology landscape has sped up the decline of traditional systems and increased the need to upgrade to a new solution that embraces the latest in technological innovation.

    Recently, Vertical Systems Reseller released its third annual "State of the POS Market Study 2014." The research looked at the point of sale market across numerous industries and asked the question, why upgrade? The answers to this were numerous, but hit on a number of core payment processing challenges and trends.

    Topping the list, cited by 53 percent of the respondents, is PCI compliance. This is a challenge that businesses never fully conquered because PCI regulations are always changing. Keeping customer and payment … more

  • PCI compliance important on any payment platform

    May 29, 2014
    Online shopping requires businesses to focus on PCI compliance.

    In the business landscape, few trends have had as big an impact as the rise of the internet. Aside from the ability to connect with customers, the internet also opens up a new sales platform for merchants. However, it can create a number of challenges that companies may not be aware of.

    A recent article from Business News Daily examined several of these areas, all of which revolve around security measures. The piece points out that even though the customer may not be standing in the same room, businesses must keep customer data secure as per PCI Data Security Standards.

    This means companies need to focus on both simple things like checking billing and shipping addresses, as well as ensuring that they understand PCI compliance requirements and meet them. If … more

  • New retail data sharing process created

    May 22, 2014
    A new data sharing process will help payment process security.

    The ripple effects from the Target security breach have been large and far reaching. Aside from the impact within the company -- executives let go, payment process/credit card overhaul -- the industry as a whole is changing. This has opened the eyes of many business owners to the importance of secure payment processes.

    According to a recent article from the Los Angeles Times, several retail superpowers will be partnering with the Retail Industry Leaders Association, the Homeland Security Department, the Secret Service and the Federal Bureau of Investigation to create a new organization. The goal is to improve data sharing throughout the industry when it comes to security breaches.

    Through the new process, companies can anonymously share tips with the new government body. A small … more

  • Support deadline for Windows XP also means PCI compliance challenge

    April 07, 2014
    When Microsoft stops support for Windows XP, it will have an affect on PCI compliance.

    On April 8, there will be a major computer system shake-up when Microsoft ends its support for Windows XP. This means the 13-year-old operating system will no longer be receiving automatic software updates. The move opens up major security concerns for any company that still has hardware using that platform.

    A recent article from ABC.au examined how companies that are using Windows XP as part of their point of sale system could suddenly find themselves not only open to more attacks, but could also violate PCI compliance regulations.

    "The Payment Card Industry outlines that an operating system no longer supported by a vendor violates the standard through risks of security breaches, potentially leading to exposed customer credit card data," the article reads. "Retailers … more

  • Target, Trustware sued by banks of network breach

    March 28, 2014
    Target and Trustware are being sued over PCI compliance.

    Over the last few months, the Target security breach has been a major topic of conversation regarding technology security. A piece of malware was able to infiltrate the retailers network through a backdoor connection and affected roughly 110 million customers.

    According to an article from Wired, since being announced in December of 2013, there has been talk of litigation from consumers and banks. While some have been filed, they have either been settled or dismissed. However, there is one lawsuit that could become a major problem for Target.

    Chicago-based Trustmark National Bank and Green Bank NA, on behalf of all financial institutions affected by the breach, are suing Target and Trustwave -- the security company that certified the security of Target's network in September 2013. … more

  • Target data breach shows importance of maintaining PCI compliance

    March 17, 2014
    Even being PCI compliant, Target was still the victim of a security breach.

    Whenever there is a breach of payment information, someone at the business where it occurred is going to be held accountable. According to the New York Times, in the wake of one of the biggest breaches in retail history, Target CIO Beth Jacob resigned this week.

    Gregg Steinhafel, Target's CEO, said that this will be the beginning of an "overhaul" of how the company protects sensitive information. He added that while the investigation is ongoing, Target recognizes that the state of the security environment is evolving rapidly.

    A recent article from ComputerWorld examined this move by the business and asked the question, are there more to blame?

    The article features an interview with Gartner analyst Avivah Litan. She noted that keeping payment information safe is facing … more

  • What the Target breach means for the new PCI compliance standards

    February 13, 2014
    How do the new PCI compliance standards answer the Target breach questions?

    With the news of the security breach of Target's POS system and servers, as well as the ensuing investigation that found the malware used was linked to several other attacks last year, many people may be asking what is being done to prevent these attacks from happening. This inevitably turns all eyes on the Payment Card Industry Security Standards Council (PCI SSC) and the new security standards (PCI DSS v3.0) which were released in November 2013.

    A recent article from Nerd Wallet took this idea and ran with it by examining the latest version of the report and seeing what the main points retailers need to be on the lookout for. Since the regulations are brand new and do not take effect until the new year, which was after the Target breach was uncovered, some of these … more