PCI SSC

Recent Posts

New PCI Software-Based PIN Entry on COTS Standard

The PCI SSC has announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf devices (COTS), such as smartphones and tablets. The PCI Software-Based PIN Entry (SPoC) Standard provides a software-based approach for protecting PIN entry on the wide variety of COTS devices in the market today. The security requirements are for solution providers to use in developing secure solutions that enable EMV contact and contactless transactions with PIN entry on the merchant’s consumer device using a secure PIN entry application in combination with a Secure Card Reader for PIN (SCRP). Here we talk with PCI SSC Chief Technology Officer Troy Leach about the new standard, what makes it different than other PCI PIN Standards, and how it’s designed to secure payment data.

Read More

What do new PCI DSS SAQ changes mean?

This is a guest post from the PCI Security Standards Council. It was originally published on the PCI Perspectives Blog as an interview with PCI SSC Senior Director of Data Security Standards, Emma Sutcliffe.

Self-Assessment Questionnaires (SAQ) are forms used by eligible organizations to report the results of a PCI Data Security Standard (PCI DSS) self-assessment. Earlier this year, the PCI Security Standards Council (PCI SSC) issued revised SAQs for use with PCI DSS version 3.2. In this Q&A with PCI SSC Senior Director of Data Security Standards Emma Sutcliffe, we look at what merchants need to know about new updates to the SAQs.

Read More

Subscribe