Safeguarding payment data is more critical than ever. About a year ago, the PCI Council released a blog post that explained what an ASV was and why it’s essential. It contained some valuable information, so I wanted to share it. You can find the original post here. The PCI Security Standards Council (PCI SSC) has…
The movement of money from physical to digital has revolutionized how we bank and shop. However, this shift has also attracted criminals, replacing traditional heists with sophisticated digital thefts. Data is as valuable as money in today’s economy, making nearly every business a potential target for digital skimming attacks. From customer lists and payroll information…
Introduction As of March 31, 2025, Targeted Risk Analysis (TRA) will become a mandatory requirement for several controls in PCI DSS v4.0.1. This requirement affects both merchants and service providers equally, marking a significant change in compliance procedures. Key Points About TRA Requirements When is TRA Required? Organizations must implement TRA if they: When is…
With the development of PCI DSS v4 most of the changes are in the Report on Compliance (ROC) but there are also updates to the SAQ’s to align with the new standards. Here are some of the highlights and clarifications for the new SAQs. The responsibilities for merchants for which form they need to fill…
The PCI Security Standards Council (PCI SSC) issued version 4.0 of the PCI Data Security Standard (PCI DSS) on March 31, 2022. The PCI DSS is a global standard that establishes a baseline of technical and operational standards for protecting account data. PCI DSS v4.0 replaces PCI DSS version 3.2.1 to address emerging threats and…
Before I begin I want to clarify one important item, only your processor(s), acquiring bank(s), and/or card brand(s) can give you a definitive answer regarding your merchant level. I originally published this article in 2020 but I have updated with the latest level information and included UnionPay. Compliance with PCI DSS is crucial for any…
