{"id":4238,"date":"2016-09-13T07:45:20","date_gmt":"2016-09-13T02:15:20","guid":{"rendered":"https:\/\/www.qadit.com\/blog\/?p=4238"},"modified":"2016-09-13T07:45:20","modified_gmt":"2016-09-13T02:15:20","slug":"pci-council-wants-more-robust-security-controls-for-payment-devices","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/pci-council-wants-more-robust-security-controls-for-payment-devices\/","title":{"rendered":"PCI Council wants more robust security controls for payment devices"},"content":{"rendered":"<div>\n<div class=\"entry-content\">\n<p>The PCI Council has updated its payment device standard to enable stronger protections for cardholder data, which includes the PIN and the cardholder data (on magnetic stripe or the chip of an EMV card) stored on the card or on a mobile device.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/ift.tt\/2covZod\" class=\"aligncenter\" alt=\"payment devices\" title=\"PCI SSC\" \/><\/p>\n<p>Specifically, version 5.0 of the PCI PIN Transaction Security (PTS) Point-of-Interaction (POI) Modular Security Requirements emphasizes more robust security controls for payment devices to prevent physical tampering and the insertion of malware that can compromise card data during payment transactions.<\/p>\n<p>The updates are designed to stay one step ahead of criminals who continue to develop new ways to steal credit and debit card data from cash machines, in-store and unattended terminals and mobile devices used for payment transactions. Payment devices that directly consume magnetic stripe information from customers remain a top target for data theft, according to the 2016 Data Breach Investigation Report from Verizon.<\/p>\n<p>\u201cCriminals constantly attempt to break security controls to find ways to exploit data. We continue to see innovative skimming devices and new attack methods that put cardholder data at risk for fraud,\u201d said PCI Security Standards Council CTO Troy Leach. \u201cSecurity must continue to evolve to defend against these threats. The newest PCI standard for payment devices recognizes this challenge by requiring protections against advancements in attack techniques.\u201d<\/p>\n<p>A summary of PCI PTS POI Modular Security Requirements version 5.0 updates are available <a href=\"https:\/\/ift.tt\/2cow0IH\" target=\"_blank\">here<\/a>.<\/p>\n<p>Vendors can begin using PCI PTS POI Modular Security Requirements version 5.0 now for payment device evaluations. Version 4.1 will retire in September 2017 for evaluations of new payment devices.<\/p>\n<p>\u201cWith EMV chip the industry is improving protections against skimming and other attacks to reduce fraud,\u201d added PCI Security Standards Council General Manager Stephen Orfei. \u201cBut no technology is bulletproof. In this ongoing battle against criminal attacks, we must continue to adapt the way we secure payments. With the latest PCI device standard, PCI is driving the evolution of global industry data security standards that protect payment transactions now and in the future.\u201d<\/p>\n<p class=\"hnst-tag-specific-content\">\n<\/p><\/div>\n<\/p><\/div>\n<p>via https:\/\/ift.tt\/2cStf71<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The PCI Council has updated its payment device standard to enable stronger protections for cardholder data, which includes the PIN and the cardholder data (on magnetic stripe or the chip of an EMV card) stored on the card or on a mobile device. Specifically, version 5.0 of the PCI PIN Transaction Security (PTS) Point-of-Interaction (POI) &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/qadit.com\/blog\/pci-council-wants-more-robust-security-controls-for-payment-devices\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;PCI Council wants more robust security controls for payment devices&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[],"class_list":["post-4238","post","type-post","status-publish","format-standard","hentry","category-itsec"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-16m","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4238","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=4238"}],"version-history":[{"count":1,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4238\/revisions"}],"predecessor-version":[{"id":4239,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/4238\/revisions\/4239"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=4238"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=4238"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tags?post=4238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}