Launch of PCIBlog.org Discussion Forum!

January 21, 2017 PCI Blog 0

The Unofficial PCI Blog, PCIBlog.org, is excited to announce the launch of its Compliance & IT Security Discussion Forum! PCIBlog.org is already the most trusted information source for PCI compliance and security, and is now launching its discussion forum to connect industry professionals.  The Forum [read more]

P2PE vs E2EE

Security Alert: Oracle Micros POS Breach

August 8, 2016 PCI Blog 0

Oracle Micros Data Breach Summary Hacked: Oracle Micros POS Division Hacker: Carbanak Gang (Russian Cyber Crime Syndicate) Affected Systems: Oracle Micros Support Portal, Oracle Micros systems Size and Scope: TBD Immediate Action: Customers should immediately reset passwords for the Oracle Micros Support portal More Information Oracle Micros has [read more]

P2PE, EMV, Tokenization, Oh My!

June 14, 2016 PCI Blog 2

Unless you’re an industry expert, understanding the many industry technologies such as Point-to-Point Encryption (P2PE), EMV and Tokenization – and their confusing acronyms – can be extremely difficult.  For most merchants, payments security focuses on three major goals: Prevent a data breach by limiting or removing [read more]

SSL TLS 1.2 Migration

SSL/Early TLS Migration Guide

May 18, 2016 PCI Blog 0

On February 13, 2015, the PCI SSC released a bulletin announcing that Secure Socket Layer (SSL) is no longer considered a secure, strong cryptographic protocol for the transmission of data.  The special bulletin, which can be found here, stated the following: The National Institute of [read more]

P2PE vs E2EE Explained

May 13, 2016 PCI Blog 3

If understanding the PCI scope reduction benefits of enterprise security solutions wasn’t confusing enough, many companies have doubled-down by spreading misinformation around point-to-point encryption versus end-to-end encryption, or P2PE vs E2EE.  As an independent IT security and PCI blog, we decided to write this article in an effort [read more]