Missed a Requirement? A new way that we see reporting changing in v4.0 is that it brings in a new process for when you miss a requirement and how it could still be considered as meeting your compliance requirements. It's not a "get out of jail free" card, and it's not an excuse [...]
For a long time, the domain of specialised technology teams within organisations resulted in siloed IT operations and risk being kept away from the wider business. Cybersecurity a topic gaining attention around Exec and Board tables in today’s digital world. Terms like cyber activism, ransomware, and cyber terrorism haven’t been around all that [...]
We've been mentioning it for years now, but in some exciting PCI DSS news, Version 4.0 is actually coming soon. On 22 January 2022, the PCI SSC released the stakeholder preview of version 4.0. And while we are still under an NDA and can't talk about it, we're excited to say that we're [...]
A criticism often aimed at Payment Cards Industry‘s (PCI) Data Security Standard (DSS) is that it sets the bar too high. Often security practitioners find fault in the way that PCI DSS does some things (minimum password lengths anyone?). The truth is probably somewhere in between these two extremes. There are parts of PCI [...]
You've just finished a project successfully, on time, (mostly) on budget, and maybe even exactly what was asked for. You turn up to work the next day and there's a new project waiting for you. Something called "PCI". Suddenly, you've been dropped into a world of compliance, standards, security, reporting, and things you've [...]
In January 2021, the PCI Security Standards Council published an interview with Nicole Braun, Confide's Associate Director of Security to find out about how she got involved in the payments field, and her experiences as a woman working in a field that has been traditionally male. She also talks about how [...]
We all know that 2020 brought a lot of uncertainty and changes to the way that we do things. And while some of that is not going to change in 2021, we thought this was a good time to look forward to what we expect for 2021 in the payments industry and how [...]
You may have heard something about the Privacy Act being updated. There's lots in the news these days about privacy, including new laws being passed which protect customer data: GDPR (EU General Data Protection Regulation) from 25th May 2018 CCPA (California Customer Privacy Act) from 1st January 2020 PDPB (India Personal Data Protection [...]
It's not uncommon to take payments by phone. Whether you're a small business, a charity, or a large retailer; there may be situations where your customers need to make a payment over the phone. However, if you are taking payments by phone, there are a few things that you need to keep in [...]
If you're a charity, you may never have thought that you might need PCI compliance and why it might matter to your donors. The Fred Hollows Foundation has worked hard to reach, and maintain on an annual basis, PCI compliance and has found clear benefits to their organisation, including: Stronger foundation for the [...]
