Terry Rourke

Can Sensitive Cardholder Data Be Shared Without Worrying About PCI Compliance?

In a previous blog post, Can Cardholder Data be Stored Without Involving PCI Scope?, we discussed how the Payment Card Industry Data Security Standard (PCI DSS) says it is possible to store a unique token that represents a cardholder’s Primary Account Number (PAN).

Can Cardholder Data be Stored Without Involving PCI Scope?

Is it possible to store cardholder data without PCI scope? The short answer is no, but that doesn’t mean you cannot store a reference to it. Let me explain.

A Primer on Tokens, Tokenization, Payment Tokens and Merchant Tokens

Merchants around the world are navigating the world of tokens and tokenization, payment tokens and merchant tokens. When used properly, tokenization for retail merchants serves a dual use; it can be used to protect sensitive card data, and it can serve as an enabler for omni-commerce.

Getting Medieval: A (Modern) Multilayered Approach to Payments Security

PCI compliance is a detailed and grueling process for a reason; fraudsters will exploit any weakness they can uncover. History has shown that even major merchants that consumers would assume are fully protected can get breached.

EMV at the Pump: Is It Really That Secure?

Last weekend I went spring skiing, well spring snowboarding — but you know what I mean. It was sunny, with temperatures in the 50s — an epic day of carving mashed potatoes to close my snowboarding season.

An Executive’s Guide to the Top Five Fraud KPIs

Key performance indicators (KPIs) are a commonly used term across many industries. For KPIs to be a valuable way to measure success, they need to be properly defined, capable of being adjusted and connected to one another. When it comes to use of KPIs in fraud management, this is particularly important. With this in mind, let’s take a closer look at the different fraud KPIs, along with how they should ideally interact.