PCI Under The Microscope
The PCI Council has testified before Congress about standards and breaches in both 2014 and 2009 (links are to Google Searches). This year PCI is...
Cardholder data, aka CHD, comes from credit, debit, and prepaid cards bearing the logo of one of the PCI founding card brands. CHD includes the primary account number (PAN) alone or in combination with any of name, expiry date, and a piece of hidden data called a service code. CHD can be in any media format including text or binary data in files and databases, images, and audio. All of these formats need to be protected under PCI.
For clarity, sensitive authentication data has additional restrictions. Truncated cardholder data is not considered cardholder data.
For more see the official PCI Compliance glossary.
The PCI Council has testified before Congress about standards and breaches in both 2014 and 2009 (links are to Google Searches). This year PCI is...
The PCI 3DS Core Security Standard, which builds on the EMV 3DS standard was introduced to mitigate the risk of fraud for businesses handling...
To accept credit cards in Canada, businesses need to be PCI compliant. Becoming PCI compliant can be difficult in the first place and keeping up...