GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?


Table of Contents

Lead Story

Turbulence expected for 1099-K reporting, be prepared

News

Industry Update

Washington takes a second look at Durbin

Big card brands, big banks hit with more antitrust suits

CEOs advise wait and see at ETA forum

Update feeds need for more PTS guidance

Features

Legislative update, November 2011

Five key lessons e-commerce merchants can learn from the 2010 holiday season

Michael Duffy
Chase Paymentech Solutions LLC

Research Rundown

Give, inspire and flourish

Selling Prepaid

Prepaid in brief

Union Privilege makes savings a plus

Holiday gift cards get personal

Views

ISOs and the new frontier of payments

Brandes Elitch
CrossCheck Inc.

Education

Street SmartsSM:
Agent training - more than taking a test

Bill Pirtle
C3ET Credit Card Consortia for Education & Training Inc.

When big money meets small ISOs

Adam Atlas
Attorney at Law

Country-specific alternative payments

Caroline Hometh
RocketPay LLC

Visa to eliminate PCI DSS requirements with EMV - not

Linda Grimm
Linda Grimm Consulting

How does a credit card salesperson learn to sell POS?

Jerry Cibley
United Bank Card Inc.

PR and press release basics

Peggy Bekavac Olson
Strategic Marketing

Managing infrastructure in a virtual world

Tim Cranny
Panoptic Security Inc.

Caution: Assumptions ahead

Jeff Fortney
Clearent LLC

Company Profile

POS Portal Inc.

New Products

TIN matching simplified

TIN Matching Service
SecurityMetrics Inc.

Authenticate and process with one touch

OneTouch Mobile Payment
Admeris Payment Systems Inc.

Inspiration

Choose to be grateful

Departments

Forum

Resource Guide

Datebook

A Bigger Thing

The Green Sheet Online Edition

November 14, 2011  •  Issue 11:11:01

previous next

Update feeds need for more PTS guidance

The PCI Security Standards Council (PCI SSC) updated the standard that mandates security requirements for PIN entry devices to incorporate devices that do not offer PIN entry.

The PIN Transaction Security (PTS) Data Security Standard (DSS) was expanded to include guidance for determining whether non-PIN accepting devices meet the requirements of point-to-point encryption (P2PE) - the technology many security experts believe is the most secure way to protect personal information and other card transaction data.

The update to the PTS DSS, a companion to the overarching Payment Card Industry (PCI) DSS, provides guidelines for the testing of any card acceptance device to determine if it can be used with P2PE technology. The PCI SSC said that, until now, the PTS DSS applied to PIN acceptance devices only. But with the release of version 3.1 of the PTS DSS, any device used for the acceptance of electronic payments can now be tested for its compatibility with P2PE technology.

Guidance for SCRs

Additionally, the new version of PTS DSS addresses secure card readers (SCRs) - devices that encrypt card data at the point of swipe, such as mag-stripe reading "sleeves" and dongles that fit on smart phones to transform them into payment acceptance devices.

"Merchants looking to use magnetic stripe readers (MSRs) or MSR plug-ins now can ensure these devices have been tested and approved to encrypt data on the reader before it reaches the device," the PCI SSC said.

The council hopes the release of the update will promote the use of open payment platforms, exemplified by smart phone payment systems. PCI SSC General Manager Bob Russo said, "We know how eager the market is to implement P2PE. By releasing these updated requirements now, merchants using any type of card acceptance device will have the ability to encrypt data at the point of interaction and ensure its protection.

Additionally, we've opened the standard up to address mobile devices - another area of great interest to our stakeholders."

New features

Version 3.0 of PTS DSS was released in April 2010. The October 2011 update, v3.1, can be accessed at www.pcisecuritystandards.org/documents/PCI_PTS_POI_SRs_v3_1.pdf and includes these new features:

The PCI SSC hosted two free webinars outlining PTS DSS v3.1, followed by live Q&As. The webinars were held Nov. 8 and Nov. 10, 2011.

For additional news stories, please visit www.greensheet.com and click on "Read the Entire Story" in the center column below the latest news story excerpt. This will take you to the full text of that story, followed by all other news stories posted online.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

USAePay | Impact Paysystems | Electronic Merchant Systems | Inovio