PSD2, what’s the fuss about?
Over the past decade, we’ve seen many changes to regulations and directives relating to payment services. The changes have been driven by a need to improve not only the security surrounding financial transactions, but also transparency on the different types of payment services and their charges. The Second Payment Services Directive (PSD2) ... Read More
Providing assurances about customers’ data security
Geoff Forsyth has recently featured on World Commerce Review discussing how, in a time when the public is more engaged on the subject of data security than ever before, businesses can provide assurances about customers' data security. ... Read More
Exploring the ‘What ifs’ of Insider Security Threats
The risk of malicious activity from a business’s own staff is real and current, and no industry is immune. Statistics from the most recent CIFAS Employee FraudScape report show that 585 insider fraud cases were reported to its internal fraud database in just 12 months, and the prevalence of fraudulent account withdrawals ... Read More
How does PCI DSS apply to VoIP?
Last month, the revised ‘Securing Telephony Payments’ document was released by the PCI SSC SIG working group. While this received much coverage, another update that is just as significant occurred quietly in the background: FAQ 1153 ‘How does PCI DSS apply to VoIP?’ Until now, PCI DSS and VoIP ... Read More
PCI SSC Updates Guidance to Protect Telephone-Based Payment Card Data
As a member of the global Payment Card Industry Security Standards Council (PCI SSC), we welcome the updated guidance on protecting payment card data in contact centre environments. The tech landscape has evolved significantly since 2011 (which is when the initial version of the guidance was introduced), and fraud rates ... Read More
What can we learn from the BA data breach?
Having spoken extensively in the past about what could happen to businesses and consumers in the wake of a data breach post-GDPR, we are now able to see the fallout. British Airways (BA) has warned that around 380,000 card payments on its website and through its app were compromised between ... Read More
PCI Compliance: Is It Still An Annual Event?
Back in 2014, we examined in detail why PCI Compliance should not be treated as an annual event. Since then, there has been a raft of changes, with PCI DSS v3.2.1 and other regulations coming into effect. Considering this, we ask – Should PCI Compliance still be ... Read More

