Payment Card Assessments | PCI DSS
By:
Jesse Eldell
June 12th, 2025
Imagine your computer account is like your house in that you need specific keys to get inside where all your valuables are kept. For years, people relied on simple door locks only requiring one key - like a password, as their main form of security. But clever thieves, known as "phishers," have become really skilled at tricking people into handing over copies of their keys (stealing passwords, codes, and authentication tokens). This growing threat has prompted the need for newer and stronger methods of authentication in payment security, such as phishing-resistant authentication.
Payment Card Assessments | PCI DSS
By:
Will Sparks
April 22nd, 2025
Transport Layer Security (TLS) is a cryptographic protocol that encrypts data, authenticates connections, and protects the data in transmission. As time passes, new versions of TLS are released to strengthen defenses and maintain an advantage of the constantly evolving threat landscape. Understanding these updates is essential for anyone managing secure systems or handling sensitive data online.
Payment Card Assessments | PCI DSS
By:
Ken Van Allen
April 2nd, 2025
In our digital economy, online shopping has become second nature for consumers worldwide. Yet behind the seamless checkout experiences that we've come to expect lies a complex security challenge that merchants must navigate. With the rise of e-commerce payment processing comes the rise in threats from e-skimming attacks.
FedRAMP | Payment Card Assessments | PCI DSS
By:
Ken Van Allen
March 6th, 2025
Given today’s continually evolving threat landscape, strengthening access controls is an essential element and growing priority of any robust security program. As such, it’s no surprise multi-factor authentication (MFA) has become a widely adopted compliance requirement by a significant number of security standards across industries. That said, it can be difficult to understand the intricacies of the MFA regulations for each compliance framework.
By:
Matt Crane
January 31st, 2025
The PCI Security Standards Council (PCI SSC) has announced significant updates impacting e-commerce merchants currently collecting payments via an iFrame or redirect. The new guidance brings notable changes to the PCI DSS compliance process for merchants who are eligible to complete the Self-Assessment Questionnaire (SAQ) A.
Payment Card Assessments | PCI DSS
By:
PHIL DORCZUK
September 9th, 2024
Historically, PCI DSS has treated most service accounts as shared administrator accounts that had to be authorized with specific privileges using strong authentication factors. But now, version 4.0 of the PCI DSS has greatly expanded the scope of authentication and authorization requirements—while you’ll still need to secure those administrator accounts, you’ll now also need to implement controls to protect any application and service accounts in your environment.
Payment Card Assessments | PCI DSS
By:
Jeff Lasker
July 30th, 2024
Since the sunsetting of PCI DSS v3.2.1 on March 31, 2024, PCI DSS v4.0 has become effective, as have some of its new requirements (though future-dated requirements will be effective March 31, 2025). While v4.0 has introduced some major changes in various areas, for service providers—including some that include additional nuance for colocation providers in particular—multiple new requirements are now effective as well as some that are future-dated.
Payment Card Assessments | PCI DSS
By:
Matt Crane
June 11th, 2024
As of June 11th, PCI DSS v4.0.1 was officially released. This update comes with several clarifications and adjustments to the previous version, ensuring more precise guidelines and addressing various implementation issues.