Saturday, July 17, 2010

PCI updates

VISA issued two "best practice" documents

  • Tokenization best practice. I touched on this topic here while discussing the new version of PCI, in this document VISA gives a broader requirement for tokenization.


  • The second document, PAN truncation best practice is a clarification on the requirements for merchants to store the card number for things like chargeback and refunds. National Retail Foundation discussed this in detail in their review here.

Here is an excellent guide that provides simple and quick information security steps for small to mid-size merchants that accept credit and/or debit cards as a form of payment. It covers topics such as:

  • Laws and Mandates Governing Securing Customer Data
  • Securing Customers Data
  • What are five minimum security actions a small business should implement?
  • Information Security "Do's" and "Don'ts"

You can download the document here.

No comments: