Tokenization

Hotel tech trade association offers best practices for reducing payment card risk

Hotel tech trade association offers best practices for reducing payment card risk

By

When it comes to credit card fraud, the hospitality industry has offered an attractive target for cyber criminals. Now, one trade group is helping these properties overcome security and compliance hurdles with a new framework.

PCI Council releases tokenization guidance

By

Tokenization solutions can simplify the requirements of PCI DSS by taking systems that no longer contain sensitive credit card numbers out of scope, according to a new guidance document from the PCI Council.

Security experts, DHS, lawmakers react to RSA hack

By

Five days after RSA announced that its systems were breached by a sophisticated attack, details remain scant about how customers of its SecurID two-factor authentication products may be affected.

PCI Council: P2PE simplifies PCI DSS compliance

By

The group responsible for managing payment security rules plans to release two new guidance documents early next month assessing the impact of emerging data security technologies on payment card security.

Is there a silver bullet to the payment industry's data security woes?

Is there a silver bullet to the payment industry's data security woes?

Security professionals must consider all the options available to them to secure cardholder data.

Visa issues tokenization guidance, clarifies rules around storage of card numbers

By

Visa on Wednesday released a four-page document that offers best practices for tokenization, the process by which 16-digit credit card numbers are replaced with unique symbols. The guidance is meant to reduce risk for merchants, vendors, service providers and acquiring banks. It covers such areas as detecting suspicious activity so attackers cannot compromise the token system. In addition on Wednesday, Visa, in conjunction with the National Retail Federation trade group, clarified its operating rules around storage of sensitive information. According to the card brand, issuing banks must accept a disguised or truncated card number on transaction receipts for dispute resolution. Also, merchants are permitted to store disguised or truncated card numbers to reduce the amount of data that could be retrieved by attackers. — DK

Sign up to our newsletters

POLL