The Payment Card Industry Security Standards Council (‘PCI SSC’) has had a busy year thus far updating both its Card Production Security Requirements and its Data Security Standards (‘PCI DSS’).

First, on 10 April, the PCI SSC updated its Card Production Requirements (guidance published to help card producers secure the card production process from creation through to delivery). The requirements themselves are divided into two parts: Card Production Logical Security Requirements and Card Production Physical Security Requirements. The logical requirements apply to the personalisation of cards or the manipulation of card data, whereas the physical requirements deal with processes like the storage and mailing of cards. The update changes or adds requirements across a variety of issues, from card storage embossing to emergency exits; but although the PCI SSC maintain the standards, the emphasis is firmly upon payment companies themselves to manage assessments against these PCI requirements.
Continue Reading PCI Council Updates both Card Production Standards and Data Security Standards

The Payment Card Industry Security Standards Council (‘PCI SSC’) has had a busy year thus far updating both its Card Production Security Requirements and its Data Security Standards (‘PCI DSS’).

First, on 10 April, the PCI SSC updated its Card Production Requirements (guidance published to help card producers secure the card production process from creation through to delivery).  The requirements themselves are divided into two parts: Card Production Logical Security Requirements and Card Production Physical Security Requirements. The logical requirements apply to the personalisation of cards or the manipulation of card data, whereas the physical requirements deal with processes like the storage and mailing of cards. The update changes or adds requirements across a variety of issues, from card storage embossing to emergency exits; but although the PCI SSC maintain the standards, the emphasis is firmly upon payment companies themselves to manage assessments against these PCI requirements.Continue Reading PCI Council Updates both Card Production Standards and Data Security Standards

This month the PCI Security Standards Council published the highlights of the new data security standards (DSS) that will come into effect in November 2013. The 3.0 Change Highlights provides a preview of the new standards which are meant to be more flexible and presents security as a responsibility shared through education and awareness.

The