Secure Payment Services: Card Data Security Transformed

RSA, the security division of EMC, recently released a new security brief entitled, “Secure Payment Services: Card Data Security Transformed,” that outlines the security implications and benefits of the emerging category of outsourced secure payment services. In fact, many of the challenges we’ve discussed over the years in this blog can be solved by accomplishing significant scope reduction—the surest way to reduce the impact of PCI DSS on an environment.

The authors of the brief include Dr. Anton Chuvakin (Security Warrior Consulting), Sam Curry (RSA), Robert Griffin (RSA), Craig Tieken (First Data), Steven Wilson (Visa EU), and me.

The brief offers practical guidance on how retailers, merchants, and other organizations handling card data can improve payment card security and reduce the risks associated with keeping payment card numbers.

Check out the brief here, and a the Speaking of Security Podcast I did with Paul Joyal.

This post originally appeared on

Possibly Related Posts: