PCI Security Standards Council Issues Guidance For E-Commerce SecurityPCI Security Standards Council Issues Guidance For E-Commerce Security
Update educates merchants on payment security challenges and significance of encryption.
February 1, 2017
The PCI Security Standards Council has released an update of its 2013 guidance on e-commerce that offers practical advice to merchants on understanding and maintaining a secure e-payment platform. Best Practices for Securing E-commerce is the result of a comprehensive study on payment security challenges by a Special Interest Group that included merchants, financial organizations, and service providers.
As online sales have increased significantly, the Council emphasizes the importance of encryption. In 2015, the Council said that those who accept payment cards must employ TLS 1.1 encryption or higher by next year June. Google, meantime, has said that use of HTTPS is necessary and now Chrome browser users are warning users when they visit a non-HTTPS website.
Said Troy Leach of the PCI Security Standards Council: "This information supplement is a testament to their (community members) collaboration and willingness to share their experience with others and provides easy to understand examples of e-commerce scenarios along with best practices to secure cardholder data and meet PCI DSS requirements."
Click here for supplement.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks