News & Analysis as of

PCI-DSS Standard Credit Cards

Womble Bond Dickinson

Upcoming Deadline for PCI DSS 4.0.1 Implementation

Womble Bond Dickinson on

A critical deadline of March 31, 2025 is upcoming for the full implementation of the new requirements contained in the Payment Card Industry Data Security Standard (PCI DSS) version 4.0....more

McDermott Will & Emery

New PCI DSS 4.0 Will Impact the Digital Health and Healthcare Industries

McDermott Will & Emery on

The healthcare industry – particularly the digital health industry – is increasingly becoming monetized and using an e-commerce model through direct interactions with the customer to accept credit card payments. This...more

McDermott Will & Emery

How the New PCI DSS 4.0 Will Impact the Automotive Industry

McDermott Will & Emery on

The automotive industry is experiencing a shift to an e-commerce model through direct interactions with the customer to accept credit card payments. This innovation allows drivers and passengers to make payments for products...more

WilmerHale

$8 Million Multistate Settlement Resolves 2019 Data Breach Investigation

WilmerHale on

State Attorneys General settle with Wawa, Inc. for 2019 data breach that compromised approximately 34 million payment cards used by consumers. On July 26, 2022, Acting New Jersey Attorney General Matthew J. Platkin...more

McDermott Will & Emery

PCI DSS 4.0 Introduces Transformational Change: New Risk Analysis, Governance Requirements and Alternative Customized Approach

On March 31, 2022, the Payment Card Industry Security Standards Council released version 4.0 of its Data Security Standard (PCI DSS 4.0). The new version—which brings major changes to the payments ecosystem—places an...more

Latham & Watkins LLP

EDPB Issues New Guidance on Storing Credit Card Data for Future Purchases

Latham & Watkins LLP on

Online retailers storing credit card data for the sole purpose of facilitating further purchases will likely need to obtain consumer consent. Online shopping has boomed in recent years. In 2020, the European statistics...more

White and Williams LLP

PCI SSC Issues New Standards for Payment Software

White and Williams LLP on

The Payment Card Industry Security Standards Council (PCI SSC) has issued a new Software Security Framework for secure payment software. The new framework includes both a Secure Software Standard and Secure Software Life...more

BCLP

Negotiating Payment Processing Agreements

BCLP on

Credit cards are the primary form of payment received by most retailers. In order to process a credit card a retailer must enter into an agreement with a bank and a payment processor (a “Payment processing agreement”)....more

BCLP

Credit Card Breaches

BCLP on

For most retailers credit cards are the primary form in which payments are made. Accepting credit cards, however, carries significant data security risks and potential legal liability. ...more

BCLP

Credit Cards and the Payment Card Industry Data Security Standard

BCLP on

For most retailers their primary source of revenue comes from credit card transactions. In order to accept credit cards, a retailer must enter into a contractual agreement with a payment processor and a merchant bank....more

BCLP

Selecting a Qualified Security Assessor (“QSA”)

BCLP on

Retailers that accept credit cards are typically required by the payment card brands to show that they are in compliance with the Payment Card Industry Data Security Standards or “PCI DSS” at least once a year. How a...more

BCLP

Credit Cards and the Payment Card Industry Data Security Standard

BCLP on

For most retailers the primary source of revenue comes from credit card transactions. In order to accept credit cards, a retailer must enter into a contractual agreement with a payment processor and a merchant bank....more

Farella Braun + Martel LLP

Winery, Vineyard Cyber Attack Risk Grows With Web-Connected Systems

In the internet of things (IoT), new opportunities for efficiency continually bring new cyber risk. If a device in your winery or vineyard connects to the internet, it is vulnerable. And so is the rest of the system connected...more

McGuireWoods LLP

A Storm Brews: Retailers Push Back Against Payment Card Industry Data Security Standards

McGuireWoods LLP on

As businesses and financial institutions grapple with data security in the wake of high profile breaches, tensions between retailers and the credit card industry over the creation and implementation of security standards...more

Bryan Cave Leighton Paisner

How to Select a Qualified Security Assessor (“QSA”)

Retailers that accept credit cards are typically required by the payment card brands to show that they are in compliance with the Payment Card Industry Data Security Standards or “PCI DSS” at least once a year. How a retailer...more

Alston & Bird

FTC Announces Study of PCI-DSS Assessment Companies

Alston & Bird on

On Monday, March 7 the Federal Trade Commission (FTC) issued a press release announcing that it had issued Orders to nine Qualified Security Assessor (QSA) companies, which are certified to assess whether or not entities...more

Robinson+Cole Data Privacy + Security Insider

FTC issues 9 orders for PCI DSS compliance assessment information

The Federal Trade Commission (FTC) issued orders to 9 companies at the beginning of this week, seeking information on how each company conducts Payment Card Industry Data Security Standards (PCI DSS) compliance assessments....more

Kelley Drye & Warren LLP

FTC Requests Auditors’ Data on PCI Data Security Assessments

Earlier this week, the FTC issued orders to nine credit card and payment security auditors in an effort to gain insight into data security compliance auditing and its role in protecting consumers’ information and privacy....more

Ballard Spahr LLP

FTC Examines Process by which Companies Assess Compliance with PCI DSS

Ballard Spahr LLP on

The Federal Trade Commission (FTC) has issued orders to obtain information about the process by which businesses audit their compliance with the Payment Card Industry Data Security Standards (PCI DSS) and the role of such...more

Perkins Coie

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Perkins Coie on

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

King & Spalding

Risky Business – Five Facts You Should Know About the EMV Liability Shift

King & Spalding on

On October 1, 2015 the major payment card companies instituted the EMV Liability Shift in an effort to incentivize card issuers and merchants to migrate to using payment cards with embedded chips (“chip cards”) according to...more

BakerHostetler

2015 BakerHostetler Incident Response Report Deeper Dive—Retailer Liability Arising from Stolen Payment Cards

BakerHostetler on

We released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. Over the next four weeks, we...more

Davis Wright Tremaine LLP

New PCI Tokenization Guidelines

Last week, the Payment Card Industry Security Standards Council released new guidelines related to the security of tokenization products. The guidelines are a set of technical best practices for evaluating tokenization...more

McDermott Will & Emery

Secure Sockets Layer (SSL) 3.0 Encryption Declared “No Longer Acceptable” to Protect Data

McDermott Will & Emery on

On Friday, February 13, 2015, the Payment Cards Industry (PCI) Security Standards Council (Council) posted a bulletin to its website, becoming the first regulatory body to publicly pronounce that Secure Socket Layers (SSL)...more

Davis Wright Tremaine LLP

Legal Departments: Are You Ready for The New PCI DSS Requirements?

Starting Jan. 1, 2015, the Payment Card Industry Data Security Standard (PCI DSS) Version 3.0 (click-through agreement required) will replace Version 2.0. The PCI DSS is a set of requirements developed by the four major...more

26 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide