As we help our customers with transitioning to PCI DSS 4, some immediate and future-dated requirements are standing out for special attention, specifically: 6 – Code repositories used for custom code and configuration information; 6.4.3 – Authorization of payment page scripts; 11.6.1 – Change and tamper detection for payment pages, including scripts. Code Repositories […]
Tag: PCI DSS
PCI DSS 3.2 and Changes to PCI SAQs
PCI DSS 3.2 became mandatory on the 1st of November 2016. This article will discuss the changes introduced to the SAQs by the new version of the standard.
PCI DSS: Which Self-Assessment Questionnaire?
For many small and medium-sized organisations it can be difficult to know where to start with PCI DSS. There is quite a lot of PCI DSS documentation to get your head around, and some of the terminology is difficult to understand initially. Furthermore, your bank (or acquirer) may be telling you to become […]
Verifying PCI DSS Scope: Hunting for Credit Card Numbers
PCI DSS requires that the scope of assessment be checked to make sure it is accurate, and this check must be carried out every year. Even if the documented scope means that no cardholder data is stored, some cardholder details may still have been inadvertently left in documents. These credit […]
Payment Processing Vulnerabilities
Handling card payments yourself is complicated and expensive (it requires PCI compliance), so for many organisations it is often more economical to use a third-party payment processor such as PayPal or Google Checkout. Generally, the vendor website implements its own shopping cart (bespoke or off-the-shelf), and when the user goes to checkout they are redirected […]
Updating OpenDLP to support Oracle Databases for PCI DSS
OpenDLP can be updated to support Oracle databases for the PCI DSS process, alongside its existing ability to search Windows or Unix file systems for credit card numbers and passwords. OpenDLP is an excellent tool for finding credit card numbers as part of a PCI DSS scoping process, or for finding passwords and other sensitive data during a penetration test. It […]