Register for PaymentsJournal
Global Payout Get Approval for Chip and PIN Prepaid Cards
Global Payout Inc., a prepaid program manager based in San Diego, Calif.,...
Free Whitepaper: Converging Trends Making 2015 a Year to Remember in Payments and Banking
2014 was far from a sleepy year in the payments industry, but it was just a...
NRF’s Big Picture: Key Payments Takeaways
In order to understand the future of payments executives look towards trends...
Lack of Chip and PIN Frustrates NRF
Security has become another wedge, like interchange, between banks and...
Mercator Advisory Group Offers Complimentary 2015 Payments and Banking Outlooks
Mercator Advisory Group has released a series of Viewpoints that provide...
Bierhaus App, Clover, Estimote, BLE & Apple Pay = Unique Customer Experience
Bierhaus app customers will order and pay at the table using a Clover solution...
Free Analyst Roundtable - EMV and Apple Pay Shake Up U.S. Card Issuing
Date and time Tuesday, October 28, 2014 1 00 pm Eastern Daylight Time (New...
Credit and Feds Chip and PIN Order
Last Friday, President Obama signed an executive order that requires the...
W3C Intends to Standardize Online Payments & Mobile Wallets
W3C, the body that manages internet standards has announced it will work with...
Webinar - Surviving Disruptive Payments Innovation: (We’re not talking about Bitcoin)
Continuing to be on the forefront of payments industry research, Mercator...
Surviving Disruptive Payments Innovation: What You Need to Know (We’re not talking about Bitcoin) - Webinar
Continuing to be on the forefront of payments industry research, Mercator...
Free Webinar - Analyst Roundtable: Payments and Banking 2014 the Disruption and Opportunity Factor
Mercator Advisory Group will host a free, hour long webinar Tuesday, May...
NRF Asks Congress to Act on Data Security
The National Retail Federation sent a letter to Congress yesterday...
Smaller Merchants Not Taking Proper PCI Precautions
The majority of small to mid sized merchants understand complying with PCI...
Capgemini and RBS Release 2013 World Payments Report
Global non cash transactions continued to enjoy robust growth in 2012, up 8.5...
Fed Seeks Industry Input Regarding Better Payment Systems
The Federal Reserve has come up with five desired outcomes it hopes to achieve...
PCI Council Set to Release New Standards
The PCI Council is scheduled to release version 3.0 of its Data Security...
VeriFone Launches Point to Simplify Merchant Services
VeriFone Systems Inc. this week launched VeriFone Point, a cloud based payment...
Cyber Security Firms Note Shift from Mass Attacks to Targeted Events
A recent feature in the Sacramento Bee examines the rise in cyberattacks...
Apple's iCloud Keychain Presents a Potential PCI Issue
During Apple’s recent Worldwide Developers Conference, Apple didn’t reveal...
PCI Council Introduces Special Credential for ISOs
The Payment Card Industry Security Standards Council recently introduced what...
Prime Factors Launches EMV Data Prep Solution
In a statement released today, Prime Factors has announced the introduction of...
Owner of Lids, Journeys Sues Visa Over PCI Fines
A report in Wired details a lawsuit filed last week in Tennessee by Genesco,...
PayPal Releases New Mobile API
PayPal is introducing new developer tools that will help enable mobile...
PCI Council Announces MPOS Guidance
For those companies seeking clarity on securing mobile card payment acceptance...
PCI in the Cloud
Bankinfosecurity.com has an audio interview with Bob Russo of the Payment Card...
Is Protection of Cardholder Identity the Purview of PCI?
One speaker at the recent Northeast Acquirers’ Association annual conference...
Viableware Ready to Ride the Rail
Viableware, creator of the Rail payment platform for full service restaurants...
Zaxby’s Breach Impacts 10 States
The latest high profile card data security breach has effected 108 Zaxby fast...
Study: Level 4 Merchant PCI Compliance Turning Into Money Grab
The results of a study conducted by PCI vendor ControlScan and the Merchant...
PCI Compliance Not Getting Any Easier (Yet)
The process of merchant achieving compliance with the Payment Card Industry...
Dexter Malware: POS Serial Killer; and More Details on Barnes & Noble Hack
Infosec researchers and fraud threat detection firm Seculert are reporting...
Retailers Can Learn From South Carolina's Data Breach
StoreFront BackTalk had a post last week from frequent contributor Walt Conway...
Study: 71% of Merchants Scanned Were Storing Unencrypted Data
PCI solutions vendor SecurityMetrics has released its Second Annual Payment...
A Bucket List of Network Challenges
A financial reporter did what they do best by digging through a company's SEC...
PaymentsJournal and Prime Factors Launch PCI Compliance Strategy Session
In the payments industry, no topic has generated more angst and confusion in...
Trustwave Exec Opines on PCI Mobile Guidance
In an online Op Ed in SC Magazine UK, David Froud, Global Director of Practice...
PCI Council Releases Mobile Payment Application Development Guidelines
The Payment Card Industry Security Standards Council has issued its...
PCI Council Cites Mobile and Emerging Tech as Priorities
Best practices regarding mobile payment security should be forthcoming this...
CNP Fraud Rate Increase Double that of Counterfeits: FICO
The user consortium for FICO's Falcon Fraud Manager has produced data that...
Visa First Card Network to Offer Point-to-Point Encryption for Merchants and Acquirers
Visa announced Tuesday it will launch an encryption service next year designed...
PCI Councils Pushes New Program, But Will it Help?
The PCI Council is pushing a new training program designed to enhance point of...
Heartland Assists Merchants in Breach Forensics
Once a merchant is breached and loses control of payment card data, it is...
Petco Breach: Move Along, Nothing to See Here
Payments industry folks will be happy to know that the recently announced...
ACI Achieves PCI Compliance for End-To-End Encryption Package
Multiple Birds, One Stone: How the Cloud Simplifies GDPR and PCI DSS Compliance
3 Key Strategies for Achieving PCI Compliance for Your Business
Are You Ready For PCI-DSS 3.2?
Beyond PCI Compliance
FreedomPay Launches First Integrated Pay-At-Table Solution In North America With PCI Validated P2PE, EMV And NFC
CipherCloud Unveils Next Generation Tokenization for Cloud Data Protection
Credit Card Standards Are Changing: How to Prepare for PCI 3.0
Cyber attacks against industrial control systems, retailer point-of-sale systems see surge in 2014
EMV: Why the world adopted it
Canada Updates Credit-Card Transaction Rules
Feds update code of conduct for credit, debit card transactions
New safeguards could cut fraud on credit, debit cards
Bluefin Payment Systems Introduces PCI-Validated Point-to-Point Encryption (P2PE) Solution for Mobile Payments
Banks back PIN-based authentication even as NDA regime pushes for biometric verification
R.I.P Chip & Pin: Barclaycard Glove Leads Way in Wearable Payment Tech
How tokenization may change the way you pay
Banks, Processors, and EFT Networks Prepare: Visa Intends To Control and Monetize Tokens(2)
Does an Executive Order make payments more secure in the U.S.?
PCI Issues Security Awareness Guidance
The Future of Payment Security: Tokenization
Nearly Half of U.S. Merchant Terminals to Accept Chip in 2015(2)
Fed sets up tokenisation work group : Finextra
The Future of PCI
Free Mercator Advisory Group Apple Payment Initiative Analysis
PCI Updates Skimming Prevention Guide : PCI Security Standards Council
Home Depot Hit By Same Malware as Target : Krebs On Security
When Measuring Big Banks' Subsidy, First Count the Costs: American Banker
Wells Fargo Extends Commercial Cards to Europe, EMV-Enabled Cards Globally: CPI
The Shift to Safer Chip-and-PIN Credit Cards - NY Times
ControlScan Upgrades PCI Compliance Guide Website: Green Sheet:
2Checkout Announces 'Inline Checkout' — Seamless Purchase Experience With all the Benefits of Hosted Payments
Payleven brings mobile NFC-card readers to Europe
Creating A Strong Foundation for Securing Payment Data With PCI Standards: Bank Tech
Chip Standards Body Fast-Tracks New Token Standard in Wake of Target, Other Recent Breaches: Digital Transactions
Credit Card Privacy Becomes Senate’s Topic of the Week: Roll Call
These Guys Battled BlackPOS at a Retailer: Krebs on Security
Neiman Marcus: 1.1M cards may be compromised: Associated Press
Cheat Sheet: What Bankers Need to Know About the Target Breach: Bank Technology News
PCI Standard Losing Ground: Data Security Exec: CU Times
Verizon Adds PCI Compliance Services: PaymentsSource
Allied Wallet Partners with Paysafecard to Accept More Payments: Business Wire
Legal Issues in Keeping Patient’s Credit Card Information on File: National Law Review
Schnucks trying to get lawsuits dismissed in credit card security breach: KMOV
New PCI Council Rules Call for More Extensive Testing of Card-Accepting Devices: Digital Transactions
Simple Mistakes Pave Way for Costly Data Breaches: PaymentsSource
The Logic Group Achieves World’s First Accreditation for PCI Point to Point Encryption Application: The Logic Group
Mako Networks Announces Expanded PCI DSS Certification:scoop
Attorney General Koster Investigating Schnucks Debit Card Breach: CBS Local
PCI Security Standards Council publishes card production security requirements: PCI Council
CKE Restaurants Inks Security and Compliance Service Agreement with ControlScan: Business Wire
New Payment Card Industry (PCI) Security Guidelines for Mobile Applications Explored :prweb
Class action filed against Schnucks over security breach: The Madison-St. Clair Record
Ten ways to tighten your payment security: Globe and Mail
CSR Partners with My Clear Reports for Data Compliance: Business Wire
ControlScan and Bridge Point Form Strategic Compliance Partnership in Australian Marketplace: ControlScan
Why The SAQs Will Change This Year:storefrontbacktalk
MEPS to partner with PCI Security Standards Council:businesswire
Visa and Genesco conflict highlights PCI misstep: CRN
SignaPay Partners with ControlScan for Stronger SMB Payment Security and Compliance: ControlScan
HIPAA and PCI Compliance Are Not Interchangeable: Data Knowledge Center
nCircle launches Certified PCI Scan Service for SMBs: The Green Sheet
EarthLink Partners with ANX to Launch Managed PCI Compliance Solution for Retailers and Restaurateurs: Restaurantnews.com
Too many merchants lack PCI compliance: InfoSecurity Magazine
Qube Processing introduces mobile payment solutions:PRWeb
PCI Releases PCI DSS E-Commerce Security Guidelines: PCI Council
Potential credit/debit card breach at The Works Bakery Café: Brattleboro Reformer
Peak 10 Cloud Validated for PCI Compliance: Ping! Zine
PCI London 2013: Cardholder Data Discovery Critical to Mitigating Fraud and Data Theft: PRNewswire
ITX Design Launches Service to Help Simplify PCI DSS Compliance: The Whir
The 5 Biggest Mistakes to Avoid for PCI DSS Compliance Revealed PCI QSA Consultant: PR Web
How secure are RFID contactless payments?: The Guardian
Australia: Card fraud peaks but risks remain: Business Day
Protecting consumer data demands vigilance: Pizza Today
Ten Ways To Secure Web Data Under PCI:darkreading.com
PCI Risk Assessment Tips Offered:bankinfosecurity.com
Lax Security Blamed for Payment Breach: The Green Sheet
PCI Council Releases Risk Assessment Guidlines
Small Merchants Still Don’t ‘Get’ Card Data Security: PaymentsSource
South Carolina hack expose 387,000 card numbers: Finextra
Data thieves target debit cards, PINs at point of sale: USA Today
B&N Sued by Chicago-Area Consumer Over Pin Code Skimming: Bloomberg
Barnes & Noble reports breach of U.S. customer credit card data: Yahoo Finance
New ATM Security Guidance Expected: Bank Info Security
RSA Helps Customers Simplify PCI Compliance in Virtualized Environments: The Sacramento Bee
Australia: PCI compliance awareness lacking in finance world, survey finds: Computerworld
PCI Council Launches New Program
Mind the Gap: PIN versus Signature Authentication: Federal Reserve Bank of Atlanta
Top 10 PCI Compliance Remediation List issued by QSA Charles Denyer: redOrbit
Credit Card Security And PCI: Where Do We Go From Here?: Convenience Store Decisions
ChipCap Unveils all‐in‐one Card Reader: Business Wire
Why Card Fraud Grows: Bank Info Security
Cybersecurity: How prepared is Nigeria for cashless initiative?: BusinessDay
Heartland Reports Record Quarterly Earnings: MarketWatch
Merchants Payments Coalition Blasts Fed: Supermarket News
AJB Accelerates EMV Migration for Retailers: MarketWatch
Challenges with PCI-DSS Compliance: Bank Info Security
Financial Transaction Services Teams with Trustwave to Offer PCI Compliance: PR.com
Summary of Feedback Received for PCI DSS v2.0 and PA-DSS v2.0, August 2012
This document presents a summary of the feedback that was provided to the Payment Card Industry Security Standards Council (PCI SSC) relating to v2.0 of the PCI Data Security Standard (PCI DSS) and PCI Payment Application Data Security Standard (PA-DSS).
Data Encryption 101: A Pragmatic Approach to PCI Compliance
Educational, unbiased white paper cuts through techno-babble and discusses how to select appropriate software for PCI encryption and key management. It provides you with the information you need to make an intelligent cryptographic choice.
Tokenization Guidance: How to reduce PCI compliance costs
Informative white paper by Securosis explains how tokenization reduces the cost of PCI compliance by 50%, and provides guidance the PCI Council failed to provide in its guidelines for tokenization.
Tokenization at the POS
The mapping of the token to a specific card number is maintained in what tokenization providers often refer to as a vault, a database maintained in their data center that is highly secure. Their operations are, of course, PCI compliant and include encryption. For more information about this particular slide, please visit Mercator Advisory Group's Fraud, Risk & Analytics Service here.
PCI Skimming Prevention Suggestions
The PCI Council presents best practices for merchants regarding skimming protection. For more information about the Council's efforts, visit them here.
Getting Started with PCI
Data security for merchants and payment card processors is the vital byproduct of applying the information security best practices found in the Payment Card Industry Data Security Standard (PCI DSS). The standard includes 12 requirements for any business that stores, processes or transmits payment cardholder data. For more information about the PCI Council's efforts, visit them here.
Heartland Payment Systems is investing heavily in its end-to-end encryption (E3) initiative including the cost of trademarking E3 to represent its approach. Heartland views encryption as operating across 5 zones.
The FAQ on PCI Compliance
Payment Card Industry (sometimes called PCI) compliance is a set of rules that govern data security across credit and debit card payments. Businesses must to comply with these requirements outlined by the PCI Security Standards Council in order for their merchant account to remain in good standing.Every business that accepts credit and/or debit cards must comply with these standards, regardless of what processing method they use. BluePay has put together a simple guide answering some frequently asked questions as well as debunking some myths regarding PCI compliance. Check it out:
Skimming Prevention: Overview of Best Practices for Merchants
PCI Security Standards currently contain a number of requirements and recommendations to guard against skimming. Paper by PCI Security Standards Council
IdentityTheft: Trends and Issues
A Congressional Research Group provides an overview of identity theft, trends and issues.
World Payments Report 2013
Now in its ninth year, World Payments Report (WPR) from Capgemini and The Royal Bank of Scotland (RBS) is an anticipated and valuable resource for payments industry professionals to track the state and evolution of the global non-cash payments market.
Fees, Fraud and Regulation: Forces of Change in the Payment Card Industry
The Federal Reserve Bank of Kansas City examines what's currently changing in the payment card industry in this research briefing.
2012 AFP Payments Fraud and Control Survey
J.P. Morgan is extremely pleased to sponsor the 2012 AFP Payments Fraud and Control Survey for the fourth consecutive year. We are also pleased to see that this year's respondents report a slight decrease overall in the incidence of fraud attempts. Nevertheless, the prevalence and persistency of payments fraud remain stubbornly high. The war against fraud is by no means over.
2012 Payments Fraud Survey Summary of Results
In April and May 2012, the Federal Reserve Bank (FRB) of Minneapolis’ Payments Information and Outreach Office conducted research on payments-related fraud experienced by area organizations. Payments covered in the survey included transactions involving cash, check, debit and credit cards, automated clearinghouse (ACH), and wire transfers.
A Tale of Two Merchants: The Fourth Annual Survey of Level 4 Merchant PCI Compliance Trends
Since 2009, the Payment Card Industry (PCI) compliance and security experts at ControlScan have undertaken an annual survey measuring Level 4 merchants’ engagement with the PCI Data Security Standard (DSS).
2012 True Cost of Fraud
LexisNexis September 2012
Benchmarking Level 4 Merchant PCI Compliance: The Acquirer's Perspective
Control Scan January 2012
Organizations See PCI as a Benefit, Not a Burden
Compliance and Regulation
Fraud, Risk and Analytics
Advertise With Us
Recommend RSS Feed
Join Buyers Guide
Host a Strategy Session
List a Calendar Event
Give Us Feedback
Contact Mercator Advisory Group
© & ™ 2002 - 2017 | Mercator Advisory Group. All Rights Reserved
Terms and Conditions
Make Us Your Homepage