In this post we highlight the benefits of multi-signature wallets and applying the CCSS to the design and management of a multi-sig wallet.What is a Multi-Sig Wallet?When conducting a transaction on a blockchain, the transaction is signed by the initiator of the transaction with their private key. The signed transaction is then validated by [...]
About Nicole BraunThis author has not yet filled in any details.
So far Nicole Braun has created 39 blog entries.
It’s finally happened – on April 1st NZ time, PCI DSS v4.0 was released, and then on April 28th we saw the Self-Assessment Questionaries released. In this post we cover at a high level what’s changed and what stays the same. What Stays the Same The good thing about the SAQs is that the [...]
Service providers have always had a slightly different focus in PCI DSS because as a service provider you have the ability to impact your customers’ PCI DSS compliance and overall security. Whether that’s through providing certain managed services like managed firewalls or data centres, your customers expect you to be able to demonstrate that [...]
What is a CCSSA? CCSSA stands for CryptoCurrency Security Standard Auditor. If you pass the CCSS auditor certification exam and are accepted into the CCSSA program, then you can audit systems under CCSS that implement a cryptocurrency wallet. As of the date of this article (April 2022), the CCSS auditor exam is still [...]
Supporting Your Customers As a service provider, your customers are always looking for more information about which requirements they are responsible for and which ones you're responsible for. Some service providers have provided responsibility matrix documents, others have provided their AoC, others have provided other documents. But in v4.0, there's a new requirement [...]
What's New in Version 4? There's a lot of new things in version 4. In fact, there are 64 new requirements that you might be looking at by 31 March 2025. New Requirements for Merchants New Requirements for Service Providers New Requirements Applicable When You Use v4 (by March 2024) New Requirements [...]
How Often is Periodic The term "periodic" is not new to PCI DSS. But in Version 4, we see a new approach that wraps more governance around the meaning of periodic in Section 7 of PCI DSS V4.0. Periodic becomes a measure that is unique to every organisation. Governance plays a big role [...]
Let's Talk About Passwords If there's one thing that we know people have been waiting for, it's finding out whether PCI DSS would finally modernise password requirements. We are so excited to finally be able to tell you what's coming up in the Version 4 changes for passwords (in fact, some of these [...]
Missed a Requirement? A new way that we see reporting changing in v4.0 is that it brings in a new process for when you miss a requirement and how it could still be considered as meeting your compliance requirements. It's not a "get out of jail free" card, and it's not an excuse [...]
We've been mentioning it for years now, but in some exciting PCI DSS news, Version 4.0 is actually coming soon. On 22 January 2022, the PCI SSC released the stakeholder preview of version 4.0. And while we are still under an NDA and can't talk about it, we're excited to say that we're [...]