Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/27/2013
02:27 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

PCI Community Prepares For New Standards Release

Annual meeting draws more than 1300 to discuss PCI DSS 3.0, EMV chip, mobile

LAS VEGAS, 26 September 2013 -- Today the PCI Security Standards Council (PCI SSC), an open, global forum for the development of payment card security standards, announced the close and recap of its seventh Annual North American PCI Community Meeting. The forum provides PCI Participating Organizations and assessors the opportunity to come together and discuss the latest updates and challenges in payment card security.

In preparation for release of version 3.0 of the PCI Data Security Standard (PCI DSS) and Payment Application-Data Security Standard (PA-DSS) in November, this year's meeting convened more than 1300 global payment security professionals from 25 countries who play an active role in PCI Standards development.

A key focus for the meeting was to drive understanding and discussion of the standards updates in the context of the current payment card security landscape. Attendees received draft versions of the standards in advance of the meeting, and the two-day agenda provided a variety of opportunities to engage on the planned updates with PCI SSC staff, payment brand representatives and colleagues.

Other key focus areas at the meeting included:

 EMV chip adoption in the U.S. and implications for payment card security

 Current PCI technology initiatives around mobile payment acceptance, Point-to-Point Encryption (P2PE) and tokenization

 PCI challenges and lessons learned from peers

 Updates from PCI Special Interest Groups (SIGs) on Third Party Security Assurance and Best Practices for Maintaining PCI DSS Compliance

 Leveraging PCI training to drive greater education and awareness

"PCI Standards provide a strong framework for card security, and as we look to the future, this community will have an important role in continuing to drive card data protection globally," said Bob Russo, general manager, PCI Security Standards Council. "The record attendance at this event, the quality and caliber of the dialogue here this week and the standards that will be published in November all point to an active and engaged community that will together shap the future of payment card security."

The meeting in Las Vegas is the first of three PCI Community Meetings this year. PCI Participating Organizations and assessors in Europe and Asia-Pacific will also have the opportunity to discuss PCI Standards updates and initiatives at the following events:

Europe, 29-31, October 2013

Nice Acropolis

Nice, France

To register: https://www.pcisecuritystandards.org/communitymeeting/2013/europe/register.html

Asia-Pacific, 20 November 2013

Shangri-La Hotel

Kuala Lumpur, Malaysia

To register:

https://www.pcisecuritystandards.org/communitymeeting/2013/asiapacific/register.html

About the PCI Security Standards Council

The PCI Security Standards Council is an open global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Founded in 2006 by the major payment card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., the Council has more than 700 Participating Organizations representing merchants, banks, processors and vendors worldwide. To learn more about playing a part in securing payment card data globally, please visit:

pcisecuritystandards.org.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.