China, Shanghai—From June 19th to 20th, Visa held the Asia Pacific Security Summit in Shanghai, China.
During the “Ecosystem Data Security Workshop” on the 19th, Diana Greenhaw, VISA’s Vice President of Global Payment System Risk, gave a speech on “Ecosystem Risk Updates—A Global Perspective”. As one of the signature sponsors, atsec draws attention from industry and customers by providing professional security assessment and testing services based on global standards. Many friends stopped by the atsec booth and discussed technical topics with atsec consultants, such as how to achieve PCI compliance. atsec also offered prizes at our booth for correctly answered security questions to spread knowledge of security standards and technology.
Chief Technical Officer of PCI Security Standards Council, spoke about “PCI Global Updates” discussing the technology development of global payment standardization. Next PCI Laboratory Director Yan Liu and Principal Consultant and QSA Jinyun Chen from atsec China presented on “Protecting your data by using PCI DSS.”
atsec first introduced an overview of the Payment Card Industry, including the current standards family, the SIG (Special Interest Group) for this year, and the GEAR (Global Executive Assessor Roundtable) for improving overall assessment quality. Then atsec’s methodology regarding PCI DSS assessment and compliance was emphasized.
During the presentation, atsec briefly introduced the PCI DSS requirements related to data protection, security development, security operation and administration. Finally, atsec shared experience on how to efficiently maintain PCI DSS compliance. All of the speakers suggested integrating the PCI DSS requirements and best practices into daily work activities.
The theme of the Summit was “Security, Innovation, and Trust”. The topics presented covered cyber security, biometrics and e-commerce payment, etc. Implementation and security assessment of 3DS 2.0 was also given a lot of attention.
atsec has actively contributed to global security standards development and improvement, including but not limited to PCI GEAR (Global Executive Assessor Roundtable), PCI SIG (Special Interest Group), etc. atsec helps global entities (banks, service providers and merchants) in the payment industry to achieve data security compliance (e.g. PCI, GDPR) in order to mitigate potential risk. In recent years, several global cloud service providers have worked with atsec on PCI compliance, and providing more secure cloud platforms for their customers.
atsec will continue to be dedicated to global security standards development, improvement and compliance assessment.