Archive

A vulnerability assessment is a technical security audit that uses automated tools to test for security flaws, misconfigurations and weaknesses [...]

Validation/Audit refers to the final stage of PCI compliance whereby a Qualified Security Assessor (QSA) will validate and attest the compliance [...]

A value provided by hardware or software that usually works with an authentication server or VPN to perform dynamic or two-factor authentication.

Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the [...]

A service provider is an entity that stores, processes or transmits cardholder data on behalf of merchants. Examples of service providers include [...]

The scope is a piece of work undertaken by an entity that stores, processes or transmits cardholder data and that is validated by a QSA

The report on compliance refers to a report that shows that an environment has been validated by a QSA in accordance with the PCI DSS.

A QSA is an Information Security and PCI expert who works for a QSA firm and who has been certified by the PCI SSC to

The Privacy Act 1988 (Privacy Act) regulates how personal information is handled. The Privacy Act includes ten National Privacy Principles [...]

Primary Account Number is essentially a payment card number (16 – 19 digits) which is generated according to the LUHNS algorithm).