New PCI SSC guide recommends measures for third-party security assurance

The PCI Security Standards Council guide can help organizations and their business partners better understand their respective roles in securing card data.


The key to helping your customers make the move to Windows 7

Hallo ATM Marketplatz! This my first blog post of the year, and I’m ready to jump right into the hottest topic currently trending in the industry: Windows 7 software upgrades for ATMs. A recent ATMIA survey indicated that just 15...

Who's swimming naked?

If you're an IAD, here are four ways to ensure that you won't be exposed when the tide rolls out on EMV.

Does our FI need to be PCI compliant?

PCI compliance continues to be a confusing — and frustrating — topic. However the short answer to the question above is yes. All members of the various card brand networks (Visa, MasterCard, Amex, Discover) are required to be PCI compliant.

It's go time. Are your techs ready?

This year will be remembered for the number of ATM upgrades and replacements that occurred as a result of the migration from Windows XP to Windows 7. But this is not the only upgrade being implemented at this time.

Senate hearings on data breach hint at a long road to remedy

But first, the 'blame storm.'

How PCI is bad for small business

"PCI is completely one-sided," says Mark Horwedel of the Merchant Advisory Group. "Merchants can pay a lot of money to come and give advice while the networks can go in the other room and make all the decisions." (From the ATM & Mobile Executive Summit.)

Double-encrypted PINs provide extra layer of protection in breaches

As Target breach updates continue to roll out, PIN compromise is among the hot topics. The question as to whether PINs were exposed in the holiday-season incident gained steam when JPMorgan Chase imposed limits on daily ATM withdrawals for affected...

Guides offer a roadmap for 2 major ATM upgrades in 2014

Information in new premium guides can take some of the angst out of upgrades to EMV and Windows 7 in the new year.

How MagTek's technology works

MagTek CEO Mimi Hart details the inner workings of her company's card authentication technology. Next to her on the panel is CrowdStrike's director of intelligence, Adam Meyers, who leans forward. "I'd love to play with it," he admits. (From a panel at the ATM & Mobile Executive Summit.)

ATM compliance: Burden or business opportunity?

EMV, PCI DSS, and Windows 7 present complex questions now, competitive advantages in the longer term, experts say.

See More »


Online course aims to eradicate employees' unsafe computing habits

The PCI Security Standards Council has teamed with Security Essentials to create a program designed to help businesses establish a culture of security.

'Insiders Guide' delivers in-depth detail on PCI DSS 3.0 updates

The PCI Security Standards Council has announced a new online training resource, "An Insider's Guide to PCI DSS 3.0." The guide focuses on the intent, interpretation and implementation of major changes from PCI DSS 2.0 to PCI DSS 3.0, which...

EMVCo publishes framework for payment tokenization spec

EMVCo has announced the release of "The EMV Payment Tokenization Specification — Technical Framework v1.0," a document designed to allow payments industry members to develop interoperable tokenization solutions. The new specification offers the payments community — merchants, acquirers, issuers and...

Emirates NBD, NCR partner for ATM channel revamp

NCR Corp. has signed a 5-year, multimillion dollar agreement to provide unified ATM and self-service hardware, software and services for Emirates NBD, the largest banking group in the Middle East.

PCI SSC makes sure nothing gets 'lost in translation'

Today, the PCI Security Standards Council, an open global forum for the development of payment card security standards, announced that the PCI Data Security Standard and Payment Application Data Security Standard 3.0 are now available in nine languages. PCI 3.0...

ID Tech releases new PCI 3.x certified PIN entry device

PIN entry solution provider ID Tech has announced the release of its PCI 3.x-certified modular PIN entry device, the SmartPIN B100. This waterproof, tamper-resistant new model is designed for use in outdoor unattended applications such as ATMs and self-service kiosks,...

Report: Most companies that accept cards fail PCI standards

A new Verizon report has found that too many businesses, following their annual assessment for meeting the Payment Card Industry Data Security Standard , fail to maintain ongoing compliance — putting the businesses at increased risk for data breaches, and...

ATMIA publishes Windows XP risk analysis

The ATM Industry Association has released a report that analyzes potential risks arising from ATM operators' failure to upgrade their operating systems from Windows XP to Windows 7 before Microsoft ends its support for the older operating system on April...

TSS successfully integrates EPP7

Trusted Security Solutions Inc., a provider of secure ATM key management solutions, says it has performed successful end-to-end remote key loading and testing of the latest Diebold Inc. encrypting PIN pad, the EPP7. All ATM manufacturers are required to make changes to their EPPs in response to PCI 3.0 guidelines.

Revised PCI regs to go live on Jan. 1, 2014

The PCI Security Standards Council, an open, global forum for the development of payment card security standards, has published version 3.0 of the PCI Data Security Standard and the Payment Application Data Security Standard. The new standards and a detailed...

PCI Council previews update to standards

The PCI Security Standards Council, an open, global forum for the development of payment card security standards has published "PCI Data Security Standard and Payment Application Data Security Standard 3.0 Change Highlights" as a preview of the new version of...

Philippine banks must replace ATMs, cards

Banks were ordered Tuesday to replace existing automated teller machine cards and machines with new ones between 2015 and 2017 in an effort to curb hacking incidents involving ATMs. The mandate was prompted by a rash of hacking attacks that...

CSR patents its PCI ToolKit process

CSR, a provider of data privacy solutions, recently announced that it has been granted U.S. Patent No.

Paycorp Holdings among first to achieve PCI V2.0 status

For the second year running, Johannesburg, South Africa-based Paycorp Holdings is among the first in the South African financial services industry to successfully achieve compliance with PCI Version 2.0. Independent payments company Paycorp Holdings and its three subsidiaries, ATM Solutions,...

PCI DSS certification granted to U.S. Micro Corp.

U.S. Micro Corporation, an enterprise data security and IT asset disposition firm, has gained Data Security Standard certification. PCI DSS certification makes U.S.

See More »