Posted on

An Introduction to PCI Compliance

There are plenty of reasons for enterprises that work with cardholder data to care about payment card industry (PCI) compliance. For starters, maintaining PCI compliance is an essential part of protecting cardholders, reducing fraud, and avoiding damage to your reputation. Additionally, if your organization is found not to be PCI compliant, it will be subject to financial penalties and, ultimately, not allowed to process or handle card transactions.

Achieving PCI compliance can be complex and time-consuming. For businesses that want to launch and scale quickly, the burden is onerous. To help you navigate the challenges of PCI compliance, here we’ll provide a crash course on the topic. We’ll also take a look at how Marqeta can help enterprises meet PCI data security standard (DSS) requirements and go to market quickly.

Posted on

The Shifting Cloud-Native Landscape: Understanding Kubernetes Compliance and Security Frameworks

There’s a reason why Kubernetes (K8s) has become the world’s leading container orchestration platform, with 74% of today’s IT companies using it for containerized workloads in production. It’s often the simplest way to handle container configuration, deployment, and management at scale. But while Kubernetes has made use of containers easier, it has also added complexities when it comes to security.

Kubernetes’ default configurations don’t always provide optimal security for all workloads and microservices deployed. Plus, today you are responsible not only for defending your environment against vicious cyberattacks but also for meeting a wide variety of compliance requirements.

Posted on

What You Should Know About the PCI Software Security Framework in 2019

The Payment Card Industry Security Standards Council (PCI SSC) recently announced the new PCI Software Security Framework. The new set of standards aims to improve the security resiliency of applications that accept payments and use payment data in their ecosystems. Learn everything you need to know about the PCI Software Security Framework in this article.

What Is the PCI Software Security Framework?

The framework is a new set of standards for securing payment data against data breaches and fraud. There are standards for the secure design, development, and maintenance of modern payment solutions. The standard applies to payment software that is sold, distributed, or licensed to third parties for the purposes of supporting or facilitating payment transactions.

Posted on

How to Protect Sensitive Data With PCI DSS Compliance

This past weekend, as I was catching up on my reading, an older article caught my attention. It talked about how credit card numbers remain one of the top 10 types of stolen data traded on the dark web. It’s mind-boggling to learn how much you can earn from these stolen credit card numbers. Prices range from $5 to $110, with CVV data adding $5 and full bank info $15. A full package with name, social security number, birth date, and other personal data can cost another $30!

The tremendous value of this information, coupled with improper handling of sensitive data, is one reason for the high frequency of data breaches. Data breaches are a pervasive problem that affects multiple industries and organizations that handle or store personal information.