Terminal and PIN Entry Security Standards FAQs

PCI 360

The PCI 360 Education Program is a complimentary initiative offered by Mastercard to raise awareness and promote the adoption of PCI.

8-Digit BIN Expansion Mandate and PCI DSS Impact

This document discusses how the expansion of 6-digit BINs to 8-digit BINs primarily affects PCI DSS Requirements 3.3 (mask PAN when displayed) and 3.4 (render PAN unreadable anywhere it is stored) and what Mastercard’s update is on meeting these requirements.

View Now

Account Data Compromise Event Management Best Practices

This document is intended to assist customers and other stakeholders in implementing both proactive and reactive response strategies to address payment card data compromise events.

View Now

Cybersecurity Standards and Programs FAQs

This document highlights frequently asked questions about Mastercard Cybersecurity Standards and Programs.

View Now

Deciphering Virtual Card Numbers and PCI DSS Compliance

This short presentation will offer a brief yet concise explanation on the impact to PCI DSS Compliance Reporting Scope when single use and multi-use virtual cards are processed, stored or transmitted.

View Now

Guidance for Level 4 Merchant Risk Management Program

This document is intended to provide requirements and recommendations for acquirers looking to implement a Level 4 risk management program by 31 March 2019 to meet Mastercard’s Site Data Protection (SDP) Program requirements.

View Now

Guidance for Terminal Servicer PCI DSS Validation

This guidance document highlights how Terminal Servicers must comply with Mastercard’s Site Data Protection (SDP) Program requirements and provides a suggested minimum set of Payment Card Industry Data Security Standard (PCI DSS) requirements that may apply to Terminal Servicers.

View Now

Issuer Cyber Security Training

This training is designed to provide Issuing Banks with a high-level overview of ATM cash-out attacks and best practices to defend against this type of cyber attack.

Cyber Security Training English Cyber Security Training Portuguese Cyber Security Training Spanish

Merchant Cyber Security Training

This beginner training is designed to provide small merchants with an overview of cybersecurity, common cyberattack vectors, PCI DSS and best practices, and what to expect if a data breach does occur.

Cyber Security Training English Cyber Security Training Portuguese Cyber Security Training Spanish

New Cybersecurity Standards & Programs Chapter

Mastercard is introducing a new “Cybersecurity Standards and Programs” chapter to the Security Rules and Procedures (SR&P) manual. The new chapter provides an overview of relevant cybersecurity standards, including those published by the Payment Card Industry (PCI) Security Standards Council (SSC). It describes mandates and best practice recommendations for customers and their agents to ensure baseline cybersecurity controls are implemented and maintained.

View Now

PCI Data Security Essentials Resources for Small Merchants

This document discusses how Mastercard has incorporated the use of PCI Data Security Essentials Resources for small merchants into SDP Program Standards.

View Now

PCI DSS Validation Exemption Program for Eligible Merchants Using Secure Technologies

This document highlights how Mastercard’s Validation Exemption Program eliminates the requirement to validate PCI DSS compliance for card-present merchants using secure payment technologies such as EMV chip or a validated P2PE solution.

View Now

PCI Quarterly Newsletter

The Site Data Protection (SDP) Program quarterly newsletters cover important PCI topics ranging from news and updates on standards to payments industry resources.

2019 Q4 2020 Q1 2020 Q2 2020 Q3

Secure Payment Technologies Demystified (US Payment Security Taskforce)

View Now

Security Bulletin – Magento 1 Expiration Date

An urgent reminder to acquirers that Magento 1 will no longer be supported by Adobe after 30 June 2020.

View Now

Service Provider Categories and PCI

This document summarizes all Service Provider types that must be registered with Mastercard based on program services offered and highlights those that must comply with both SDP and PCI Standards.

View Now

Systems of Cyber Resilience: Secure and Trusted Fintech

The World Economic Forum’s FinTech Cybersecurity Consortium released recommendations for a common, global, security framework for fintechs.

View Now More information

Terminal and PIN Entry Security Standards FAQs

This document highlights frequently asked questions about Mastercard security standards applicable to terminals such as ATM and POS terminals, including PIN entry standards.

View Now

Terminal Servicers – FAQs

This document highlights frequently asked questions about 2017-2018 updates to the Mastercard Site Data Protection Program compliance and registration requirements for Terminal Servicers.

View Now

Terminal Servicers Qualified Integrator & Reseller (QIR) Participation Validation Form

The Mastercard Terminal Servicer QIR Participation Validation Form for eligible Terminal Servicers may be completed and submitted to the SDP Department as an alternative to validating compliance with the Payment Card Industry Data Security Standard (PCI DSS).

View Now

US Payment Security Taskforce Strategic Roadmap

View Now