PCI, PFI, PCI DSS, PCI SSC, these are all terms you will hear and need to know about when operating within the Payment Card Industry. We understand that it’s a lot to read into, which is why we’ve compiled a simple run-through of all the basics you’ll need to know.
Foregenix is excited to be a part of the PCI SSC Latin America Forum. The LAF is an annual event where council staff and industry experts gather to share recent news and developments about the PCI DSS, technical and security updates, and ideas on how to improve security in the Payment Card Industry.
We are happy to announce that Foregenix has been re-invited to join the Global Executive Assessor Roundtable (GEAR) for another 3 years. We are proud to be one of the 28 participants on the executive committee level advisory board.
Firstly there are not going to be any spoilers in here I am afraid; while Foregenix participates in feedback on all PCI SSC issued standards and is an active member of the Global Executive Assessor Roundtable (GEAR), we do so under non-disclosure agreement, so we will not be commenting on the draft of PCI DSS version 4.0 that we provided feedback on. PCI DSS v3.2.1 has been around for a number of years and based on the standard lifecycle will be replaced shortly.
The Payment Card Industry Security Standards Council (PCI SSC) requires organisations to determine the scope of their PCI DSS assessment accurately.
Prior to discussing data discovery, it is important to define PCI DSS assessment scoping. The official definition by the PCI SSC for scoping is:
'Process of identifying all system components, people, and processes to be included in a PCI DSS assessment'.
PCI, PFI, PCI DSS, PCI SSC, these are all terms you will hear and need to know about when operating within the Payment Card Industry. We understand that it’s a lot to read into, which is why we’ve compiled a simple run-through of all the basics you’ll need to know.
Foregenix is excited to be a part of the PCI SSC Latin America Forum. The LAF is an annual event where council staff and industry experts gather to share recent news and developments about the PCI DSS, technical and security updates, and ideas on how to improve security in the Payment Card Industry.
We are happy to announce that Foregenix has been re-invited to join the Global Executive Assessor Roundtable (GEAR) for another 3 years. We are proud to be one of the 28 participants on the executive committee level advisory board.
Firstly there are not going to be any spoilers in here I am afraid; while Foregenix participates in feedback on all PCI SSC issued standards and is an active member of the Global Executive Assessor Roundtable (GEAR), we do so under non-disclosure agreement, so we will not be commenting on the draft of PCI DSS version 4.0 that we provided feedback on. PCI DSS v3.2.1 has been around for a number of years and based on the standard lifecycle will be replaced shortly.
The Payment Card Industry Security Standards Council (PCI SSC) requires organisations to determine the scope of their PCI DSS assessment accurately.
Prior to discussing data discovery, it is important to define PCI DSS assessment scoping. The official definition by the PCI SSC for scoping is:
'Process of identifying all system components, people, and processes to be included in a PCI DSS assessment'.
