{"id":9187,"date":"2017-08-15T13:56:00","date_gmt":"2017-08-15T11:56:00","guid":{"rendered":"https:\/\/usd.formwandler.rocks\/pci-update-best-practices-for-securing-e-commerce\/"},"modified":"2021-05-31T15:34:08","modified_gmt":"2021-05-31T13:34:08","slug":"pci-update-best-practices-for-securing-e-commerce","status":"publish","type":"post","link":"https:\/\/www.usd.de\/en\/pci-update-best-practices-for-securing-e-commerce\/","title":{"rendered":"PCI Update \"Best Practices for Securing E-Commerce\""},"content":{"rendered":"\n<p>by Viktor Ahrens and Dennis Yang.<br>The Information Supplement \u201cBest Practices for Securing E-commerce\u201d supports merchants and service providers in e-commerce in assessing the security of existing e-commerce solutions and selecting a suitable implementation.<br>The update of the document from 2013 had become necessary in order to keep up with developments since the initial release. The SAQ (Self-Assessment Questionnaire) A-EP, for example, which enables a simplified certification process for merchants who use Direct Post and JavaScript implementations, was introduced during this period. In version 3.2, SAQ A was also extended with new requirements regarding user management and password security.<br>Apart from the different e-commerce solutions and examples, the Information Supplement also contains clarifications on the different responsibilities of merchants and service providers. Merchants and service providers who outsource their services entirely to a third-party provider often erroneously assume that they are no longer responsible for the PCI DSS requirements. The Information Supplement provides clarifications on this issue.<br>The document also contains detailed explanations and diagrams on each of the individual e-commerce solutions regarding the PCI DSS scope, security risks, and costs and expenses. 
The document specifically addresses commonly offered solutions using URL Redirect, iFrames, Direct Post, JavaScript, and APIs. Further topics surrounding e-commerce, such as \u201cTokenization\u201d and \u201cEncryption\u201d, are discussed in a concluding chapter on \u201cBest Practices\u201d.<br>The Guidance can be found on the official PCI SSC website\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/www.pcisecuritystandards.org\/pdfs\/best_practices_securing_ecommerce.pdf\" target=\"_blank\">here<\/a>.<br>If you have further questions or need assistance with your scope definition, please contact us. Our specialists are happy to help:<br>+49 6102 8631-190<br>vertrieb@usd.de<br><strong>About the PCI Expert Tips:<\/strong><br>With our PCI Expert Tips, we would like to keep you informed about changes to the PCI Security Standards and provide you with initial explanations as to what the changes entail and how they may affect you. Please always take our articles only as a general reference \u2013 they do not replace individual case-by-case evaluations.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>by Viktor Ahrens and Dennis Yang. The Information Supplement \u201cBest Practices for Securing E-commerce\u201d supports merchants and service providers in e-commerce in assessing the security of existing e-commerce solutions and selecting a suitable implementation. The update of the document from 2013 had become necessary in order to keep up with developments since the initial release. 
The SAQ [&hellip;]<\/p>\n","protected":false},"author":96,"featured_media":9188,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"off","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"footnotes":""},"categories":[373,394],"tags":[],"class_list":["post-9187","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-en","category-pci-en"],"_links":{"self":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts\/9187","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/comments?post=9187"}],"version-history":[{"count":0,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/posts\/9187\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/media\/9188"}],"wp:attachment":[{"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/media?parent=9187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/categories?post=9187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.usd.de\/en\/wp-json\/wp\/v2\/tags?post=9187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}