Well I can surely say 2018 will go down in the books as having some of the best holiday treats, both at work and at home. The Wind River folks don’t mess around with two things: cookies and security. Well, probably a few other things too, but those are top of mind for me as I reflect in my office today. That said, we break from the action this time to bring you a friendly reminder on a new PCI requirement to help ensure your compliance.
Starting in February 2019, merchants will be required to attest to their scan profiles on a quarterly basis. This is to comply with the PCI vulnerability scanning compliance requirement. Merchants who are not required to perform vulnerability scans OR those who use third-party accounts are not impacted by this change. Expiration for merchants who have not begun new attestations will begin in February 2019. Please note that scans run under an expired scan setup attestation will not be counted towards PCI scan status.
The good news is, this new requirement is easy. You literally just check a box as you can see in the picture below.
A few more specific notes from Trustwave:
- Merchants will be prompted to re-attest after they change their scan setup (add or delete targets).
- Merchants will not be allowed to file disputes if they do not have a valid attestation.
- Merchants must re-attest after their attestation has expired before being allowed to use their account as usual.
You can read more about the changes here.
Stay tuned for our next adventure into the depths of security as we will have more details to share soon. And let us know if you have any security needs as we enter 2019. Happy New Year!