In the latest weekly update, ISMG editors discuss how organizations can comply with the new PCI DSS 4.0 requirements, whether other countries should follow the U.S. lead on legislating software bills of materials, and key strategies for CISOs preparing for an economic downturn.
Earlier this year, the PCI Security Standards Council issued version 4.0 of PCI DSS. Two experts from Verizon, Ferdinand Delos Santos and Rokon Zaman, discuss the new requirements of the regulations and strategies for implementing them to reduce risk and improve an organization’s overall security.
Software point of sale or SoftPOS is a groundbreaking technology that allows businesses to accept card payments directly on their devices without requiring any additional software. As this payment method gains widespread adoption, what does it mean for the security of our payments systems?
The PCI Security Standards Council on Thursday released the Payment Card Industry Data Security Standard version 4.0. The latest version's improvements are intended to counter evolving threats and technologies, and the new version will enable innovative methods to combat new threats.
The Reserve Bank of India's "New Umbrella Entity" initiative, designed to support a digital retail payments system similar to National Payments Corp. of India, would be a game-changer to boost digital innovation in the payments industry, according to a panel of experts.
To help ensure security as India moves to digital payments, enterprises need to educate their customers to help them understand potential risks and take the right precautions, says payments expert Navin Surya.
The Reserve Bank of India's draft of a framework for new self-regulatory organizations, including one that would help oversee payment system operators, fails to adequately address security issues, some observers say.
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
Jeff Schilling, global CISO at Teleperformance, a Paris-based company offering digitally integrated business services worldwide, describes four principles for mitigating security risks for the remote workforce during the COVID-19 pandemic.
Although The Bangladesh Central Bank has mandated all banks in the country comply with the PCI Data Security Standard, many are not yet compliant, says Abul Kalam Azad, head of IT security and compliance at Eastern Bank, one of the nation's largest public sector banks, who offers tips on achieving compliance.
Troy Leach of the PCI Security Standards Council discusses how the shift to card-not-present transactions during the COVID-19 pandemic has created new fraud-fighting challenges and offers an update on pending standards revisions.
Addressing digital payment security challenges requires having good identity verification capabilities as well as a strong authentication process that's friction-free for consumers, says Singapore-based Gautam Aggarwal, senior vice president and regional chief technology officer, Asia Pacific, at Mastercard.
The identity and access management strategy for the remote workforce should ensure contextual authentication to establish the credentials of the users, apply risk-based authentication for measuring user risk profiles, and establish a multifactor authentication mechanism, a panel of experts says.
Organizations in India need to ramp up their authentication efforts in light of a 40% increase in cashless transactions since the start of the COVID-19 pandemic, which has led to increases in attempted fraud, security experts say.
The Reserve Bank of India's plans to create a self-regulatory organization by April to help oversee the digital payments system could help reduce the complexity of RBI's efforts to help ensure payments security, some security experts say.