Visa Europe revealed important stats about the usage of Contactless Cards. Poland, Spain and the UK use this payment methd the most, with UK usage growing by 300% year over year.
Following the latest events concerning the outbreak of coronavirus disease (COVID-19), the Payment Card Industry Security Standards Council (PCI SSC) is developing a series of activities internally and with its partners to prevent the spread and ensure the security of all personnel involved in the security of card payment transactions.
In this regard, the following guidelines have been established:
1. Extension of the expiration dates of PCI PTS devices approved under version 3: on April 30, 2020, PIN Transaction Security Point-of-Interaction (PCI PTS) v3 devices would be declared expired (including PEDs (PIN entry devices) and non-PEDs, EPPs (encrypting PIN pads), UPTs (unattended payment terminal), and SCRs (Secure Card Readers)). Depending on the criteria of each brand of the payment card, expired devices fall into a category that includes some restrictions of acquisition and deployment, as they could be affected by the most recent generations of attacks
Due to coronavirus-related supply chain disruptions, the PCI SSC has extended the expiration date of devices certified under version 3 to April 30, 2021 (one additional year from the original date):
However, for those regions or entities not currently affected by the outbreak, the PCI SSC recommends that the initial replacement plan towards version 4 or 5 certified devices be continued.
2. Execution of remote formal compliance assessments: to prevent possible infections from meetings, travel, conferences and other events involving the congregation of groups of people, PCI SSC has recognized the need to prioritize the health and safety of all personnel involved in conducting formal assessments of compliance with its standards. To this end:
3. Postponement of different PCI SSC events: the PCI SSC Forum in India (India Town Hall) has been canceled, while the dates for the Latin America Forum are being reviewed to ensure the safety of all attendees. For now, the training courses continue with the same dates.
The PCI SSC has published a web page that will provide updated information on actions related to coronavirus management at https://www.pcisecuritystandards.org/covid19.
At Advantio we are also aware of this exceptional situation, so we will be constantly monitoring the situation and informing our clients and business partners to avoid risk as much as possible and minimize the impact of this situation on daily operations.
I am the Senior Security Consultant in Advantio. I have more than 15 years of experience, working both in South America and Europe. My information security background includes consultancy and audit, training, implementation of security technologies and design and policy development among others.
Certifications: CISSP, CISM, CISA, CRISC, CEH, CHFI, PCI QSA, QSA (P2PE), 3DS Assessor