Even without a full-blown AI usage program, giving employees clear direction on where and how AI can be used within your company is crucial. Concerns about consumer privacy, business trade secrets, non-disclosure agreements, the use of copyrighted information, and even the accuracy of ChatGPT’s output need to be addressed in this guidance, or else employees…
Category: SECURITY+
How does your organization implement and operate its Security Environment?
Your overarching security program needs to be dynamic and responsive to the ever-changing threat landscape. As we’ve seen with the recent ransomware attacks, no amount of diligence from a software or hardware perspective can help with the exposure from lack of employee training or awareness as it relates to these threats.
Top Trends Every Retailer Should Be Aware of for 2023
2023 marks the fourth year of a decade that began with a once-in-a-lifetime pandemic that transformed the retail industry. As supply chain issues and other economic challenges caused by the pandemic continue to fester, retailers are finding a new normal with hybrid shopping. This means retailers have even more opportunities to create new offerings and…
Are you using vendors in your tech stack for the core function they bring to your organization?
In recent years, the industry has witnessed a hybrid approach to the two vendor managements models detailed here. In this hybrid model, a payment orchestration layer or a gateway provides pre-existing, best-in-class integrations for a merchant to leverage.
Why does the Sephora data privacy fine matter for large merchants, and what is the Global Privacy Control (GPC)?
The Sephora decision signals that California is serious about enforcing data privacy legislation. The Sephora ruling was, more broadly, a warning shot for companies. It was the first action taken by an Attorney General to levy a fine against any company for failure to comply with CCP
Operational Integrity more vital than ever
As technology is pervasive at retail locations supporting more offers and consumer engagement options, the resiliency of this technology must be monitored and assured. Making sure that products are available, priced correctly, and that consumers can transact with prescribed offers, earn loyalty and use desired payment is critical to the business.
10 Tips for Operationalizing Data Privacy
The road to finding the right vendor for your organization can often be a long one. You must define your needs, secure budget, conduct countless fact-finding calls, negotiate a contract, and then go live. This process takes time!
PCI DSS 4.0 looms large
Merchants need to immediately start understanding what additional budget they are planning to allocate to tackle the increased time and costs necessary to maintain PCI compliance. Even working to find and procure the services of an approved scanning vendor will take time and internal resources.
Easing the Burden of Data Privacy Compliance
Many organizations lack enough awareness of the data they collect to effectively tackle consumer privacy. In some cases, a data mapping exercise coupled with a third-party vendor assessment can be enough to uncover the detail needed to map the flow of consumer data into and out of a business. In others, fundamental change may be…
Leaping from Level 2 to Level 1 PCI Merchant Status? Here's how we can help.
For many merchants, PCI Compliance and related activities are a necessary annual pursuit that require additional work for resource strapped internal business units. The looming complexities of PCI DSS 4.0, combined with transitioning to a Level 1 merchant, will likely leave many organizations in the lurch as they determine how to handle these increased responsibilities.
Can EMV 3DS 2.0 Benefit Your Organization?
EMV 3DS 2.0, the new standard, allows merchants to perform enhanced consumer authentication via means such as biometric verification or one-time SMS passcodes. Previously, all a fraudster would need to complete a Card-Not-Present transaction is a payment card and zip code. With EMV 3-D Secure pushing a one-time code to a consumer’s device, the fraudster…
PAX POS Security and what it means to your organization
Security attacks should be mentioned in the same breath for predictability as death and taxes, and increasingly an organization’s security resources are too strapped for time to operate, complete project work, and continue to adapt and tune their security approach. Third parties who can evaluate your current security environment and provide critical, unbiased feedback with a plan for continued improvement are more vital than ever before.