Join us for three days of connecting, discovery, updates from the Council, regional community speakers, merchants, industry experts, and more.

Agenda subject to change – Continue to check back

  • Tuesday, 18 October
  • Wednesday, 19 October
  • Thursday, 20 October

Tuesday, 18 October

Community Day

Please note: The General Sessions happening on this day are for Participating Organizations only, as a benefit of their participation. However, we invite everyone to join the other exciting highlights of the day!
10:30 - 17:00

Registration Open

Sponsored by
13:30 - 13:40

Welcome Remarks

Emceed by: Sherron Burgess, Senior Vice President and Chief Information Security Officer, BCD Travel; Board Member and Vice President, Strategic Development, Cyversity

Open to eligible Community Members only.
13:40 - 14:00

Community Day Kick-Off

Presented by: Lance J. Johnson, Executive Director, PCI Security Standards Council

14:00 - 14:30

Make Your Voice Heard - A Panel Discussion

Moderated by: Mark Meissner, SVP, Education & Engagement Officer, PCI Security Standards Council

Panelists: Oscar Covers, Chairman of the security working group of the European Card Payment Association (ECPA SWG), European Card Payment Association (ECPA); Gert Huizinga, Senior Consultant Card Solutions, ING; Jeremy King, Regional, VP, EMEA, PCI Security Standards Council; Tomás Perlines, Head of Payment Security, Schwarz IT KG and Marie-Christine Vittet, VP Compliance, Accor

There are so many ways to engage with the PCI Security Standards Council (PCI SSC). In this panel discussion, you will hear from PCI SSC Board of Advisors (BoA) members and active community members about the various ways they have engaged with the PCI SSC and how payment stakeholders can have a profound impact on the payment security industry. You will also learn how you can make your voice heard. If you are in the payments industry, you will want to hear this panel and then make your plan to get more involved!
14:30 - 14:50

A Review of the 2022 SIG Paper, Guidance for Container and Container Orchestration Tools

Presented by: Daniel Farr, PCI DSS Practice Lead, Foregenix and Mike Thompson, Director, Solutions, PCI Security Standards Council

In this session, PCI SSC and a 2021 SIG Participant, in “Best Practices for Container Orchestration” will share an overview of the 2021 SIG development process, and the resulting SIG Paper, as well presenting the benefits of active participation in the collaborative development process. We will also be looking ahead to the 2022 SIG and cover topic submission, the nomination process and the timelines.
14:50 - 15:15

Community Questions with the Council

Moderated by: Alicia Malone, Senior Manager, Public Relations, PCI Security Standards Council

Panelists: Lance J. Johnson, Executive Director, PCI Security Standards Council and Emma Sutcliffe, SVP, Standards Officer, PCI Security Standards Council

15:15 - 15:25

Closing Remarks

Presented by: Sherron Burgess, Senior Vice President and Chief Information Security Officer, BCD Travel; Board Member and Vice President, Strategic Development, Cyversity

Vendor Showcase
14:00 – 17:00

All are welcome to take a sneak peek at the Vendor Showcase!
17:30 - 19:00

Welcome Reception at the Spirit De Milan - Via Bovisasca, 57/59, 20157 Milano

Spirit De Milan - Via Bovisasca, 57/59, 20157 Milano MI, Italy

Join us at the Spirit De Milan to celebrate reconnecting with your peers in person. Take advantage of this exciting networking opportunity while enjoying a taste of Italy in a unique space that will transport you to a typical Italian market complete with lively jazz music and artists. Shuttles will be provided to and from the venue for attendees.

All are welcome! Don’t miss this taste of the city and kick-off networking opportunity!

Sponsored by

Wednesday, 19 October

08:00 - 17:00

Registration Open

Sponsored by
09:30 - 11:00

General Sessions

Emceed by: Sherron Burgess, Senior Vice President and Chief Information Security Officer, BCD Travel; Board Member and Vice President, Strategic Development, Cyversity

09:30 - 09:45

Welcome Remarks

Presented by: Lance J. Johnson, Executive Director, PCI Security Standards Council

09:45 - 10:10

PCI DSS v4.0 In A Nutshell

Presented by: Lauren Holloway, Director, Data Security Standards, PCI Security Standards Council

Walkthrough the key changes in PCI DSS v4.0 and see how the standard has evolved to provide more flexibility and to help organizations better protect payments.
10:10 - 10:30

Quick Fire Round – Your Top 10 Questions About PCI DSS v4.0 Answered

Presented by: Marc Bayerkohler, Standards Trainer, PCI Security Standards Council; Tom White, Senior Manager, Content Development, PCI Security Standards Council and Kandyce Young, Manager, Data Security Standards, PCI Security Standards Council

10:30 - 11:00

Keynote - Building on Mars: How Disruptive Technology Development Can Get Us There

Presented by: Melodie Yashar, Space Architect, ICON

The concept of going to the Moon and Mars—once the subject of science fiction alone—is now supported by private and public entrepreneurial efforts alike. Today, NASA in collaboration with SpaceX, Boeing, and other aerospace partners are working to design, build, test and operate reliable and cost-effective human transportation to not only the International Space Station, but by 2024, to have “boots on the Moon” once again, and build humanity’s first off-world settlement. Many of the world’s nations—China, India, Russia, Japan, and more—are accelerating technology development to realize a permanent human presence on the Moon. By 2028, NASA seeks to deploy technologies for the construction of a Lunar base. The European Space Agency has long celebrated the concept of an international “moon village.” Commercial development of the Moon will not only incentivize new economic and business opportunities through space tourism, resource mining and more—but speaks to humanity’s impulse to pioneer and venture into uncharted territories, and generate ground-breaking scientific knowledge about our universe. To make it happen NASA is leaning into private-public as well as international partnerships. The democratization of “new space” has enabled multiple startups to competitively disrupt the aerospace industry, driving the costs of spaceflight downwards to where commercial space travel has now become a new reality. Mars, on the other hand, presents a host of even more daunting challenges for human spaceflight. Communications latencies, the harsh radiation environment, and the prohibitively expensive costs of launching habitat elements and other types of infrastructure to the red planet are forcing us to rethink not only how will we get there (e.g. transportation), but also how will we sustain and support the first four, then twelve, then one-hundred crewmembers? What will future Martian cities be and how will they be built? How will they enable human beings to thrive in a fundamentally hostile environment? What will our food, water and air resources be? Designing technologies the way we have been prior to this moment simply will not cut it. In this talk we explore the emerging field of sustainable construction on Mars, how it is changing the landscape of building on Earth, and how it paves the way for imagining the unimaginable: how humanity’s life off-world will truly unfold.
11:00 - 11:30

Networking Break and Vendor Showcase

Sponsored by
11:30 - 11:50

Track One

Making the Jump to Light Speed - The Continued Evolution of the Software Security Framework

Presented by: Jake Marcinko, Senior Manager, Solution Standards, PCI Security Standards Council

Join Jake Marcinko, Sr. Manager of Solution Standards for a fun and informative look at the next phase of development for the PCI Software Security Framework…and why Han Solo may understand the need for software security better than any of us. A discussion on how famous quotes from Han Solo have relevance to modern software development and software security issues, and how planned updates to SSF will help to address these emerging issues.

Track Two

Managing Third Party Risk in the Contact Centre Environment

Presented by: John Greenwood, Director Thought Leadership, Compliance3 Limited and Candice Pressinger, BA Hons, MSc, GDPR Practit., Director, Customer Data Security, Elavon Merchant Services

The contact centre environment is changing. No longer reliant on connecting copper cables to tin boxes to serve large buildings accommodating hundreds of people, customer contact centres are now cloud based and supported by many operating models. Whether based on people or machines, outsourced or internal resources, homeworking or centralised buildings, cloud based customer contact operations have a dependency on third party vendors. Focus will be the impact of the PCI DSS on vendor selection.
11:55 - 12:15

Our Journey to PCI SLC Compliance

Presented by: Michał Głuchowski, Managing Director, APDU and Kris Olejniczak, QSA, QPA, SSF, SLC QSA, P2PE, Director, EMEA, Online Enterprises DBA Online Business Systems

APDU is the first Europe based company which is listed as PCI SLC Compliant organisation.​ Our session describes the journey and partnership that APDU and Online started together in 2021. In our presentation we will share a case study focusing on why APDU wanted to be SLC compliant, how program was managed in Agile organisation, describes the major challenges, and how they were faced. Sharing our lessons learned from this journey which culminated in a successful certification in 2022.

Eliminating Scope Creep Within a Large & Complex Merchant, Case Study

Presented by: Simon Turner, QSA, CISSP, CISA, CISM., PCI DSS Consulting and Advisory Services Manager (QSA), BT Plc.

Share BT’s journey over the last 4 years building an in house DTMF Masking & Digital payment solution which drives down compliance and operating costs whilst improving business flexibility through consistency. The focus will be around our Contact Centre business (24,000 agents @ 34 locations) and the business channels they support relating to eCommerce & Retail business for multiple brands. Hear BT’s thoughts for support of future opportunities supporting payment through automation and AI.
12:20 - 12:40

Reducing the Human Error Rate

Presented by: James Seaman, MSc, CISM, CRISM, Director, IS Centurion Consulting, Ltd.

With the Global Economic Forum having identified that 95% of cyber incidents are caused by human error: This session will investigate the root cause and suggest some measures by which organizations can reduce this risk. The session will look into some supporting SOPs and that will help to reduce the risk of human error and will investigate some of the psychology behind the reasons that people are prone to making mistakes.

Making PCI a People Driven Project

Presented by: Mathieu Gorge, CEO, VigiTrust and Marie-Christine Vittet, VP Compliance, Accor

This session looks at the role of people in payments from a merchant's perspective. From educating the Board and C-Level to training in scope staff upon hire and yearly thereafter, we explore how to get buy in from the best line of defense: people. Looks at people's impact on security and compliance based on their role and how to continually educate all staff to ensure they understand the importance of people for an effective continuous PCI program People are key!
12:45 - 13:05

Preventing Data Breaches: Insights From Real PFI Cases – A Panel Discussion

Presented by: Chris Hague, Divisional Head – Technical Services (DFIR, TIG, SOC), Foregenix, Inc.; Tracey Long, VP, Programs, PCI Security Standards Council; Benn Morris, Managing Director, 3B Data Security and Chris Novak, Managing Director, Verizon Cyber Security Consulting​

Join this engaging conversation to learn about how to avoid breaches based on the panelists’ experiences. PCI SSC will share overall trends in PCI Forensic Investigators (PFI) cases as it relates to failure to meet specific PCI DSS requirements determined to have caused or contributed to breaches, with PFIs sharing insights into deficiencies they’ve seen exploited and advice on how to avoid similar pitfalls.

Increasing Merchant Lifetime Value: Delivering Enhanced Security Capabilities Reduces Merchant Churn and Dramatically Enhances Overall Recurring Revenue

Presented by: Georgios Manoussis, Head of PCI Management, Worldline and Tom Proctor, Commercial Director, VikingCloud

Compliance has many benefits for both merchants and processors. For merchants, it helps them avoid the negative consequences of a data breach, including reputation damage, loss of customers/revenue, inability to trade, fines, and even the possible demise of their business. For processors, helping merchants get and stay compliant not only enables them to meet card scheme requirements but also significantly reduces risk within their merchant portfolio.
13:05 - 14:05

Networking Lunch and Vendor Showcase

14:10 - 14:30

Track One

Adopting a Zero-Trust Mindset to Achieve Security From PCI Compliance 

Presented by: Phil Lewis, CEO, Titania, Ltd.

Sampling is a risky approach to network security. It’s why PCI DSS v4.0 recommends it should not be used where automation allows. So how do you shift the compliance market from annual sampled, audits, to daily assessments of every network device? We discuss how adopting a zero trust mindset, combined with accurate, risk and remediation focused automation helps to continually validate your users, networks and applications can be trusted, delivering security from PCI DSS v4.0 compliance.

Track Two

HSM Virtualization for Payments and Enterprise: Compliance Strategies and Considerations

Presented by: Adam Cason, VP, Global and Strategic Alliances, Futurex and Sam Pfanstiel, Principal, Coalfire

In this vendor-neutral educational session, experts in the cryptographic community review the state of HSM virtualization including drivers for its growing use in our industry, and address challenges and opportunities for cloud and enterprise organizations. Attendees will learn how to assess the impact of this technology against PCI compliance goals, evaluate associated architectural and strategic impacts, and implement best practices for protecting sensitive data in multi-tenant environments.
14:35 - 14:55

Mobile Payments Update

Presented by: Andrew Jamieson, VP, Solutions, PCI Security Standards Council

Join this session to hear about the general evolution in mobile payments/security. We will also cover the evolution of SPoC, CPoC to MPoC, an overview of MPoC structure, RFC highlights, and transition and programmatic considerations.

Top 10 Challenges for PCI Pen Test Scoping in Cloud Environments

Presented by: Sheryl Benedict, QSA, Principal Consultant, Foregenix Ltd. and Carlos Marquez, Senior Penetration Tester, Foregenix Ltd.

Technical scoping of cloud services involves accurate information, an in-depth understanding of customer expectations, compliance requirements, technical deployments and specific technologies. We will review the basics of penetration testing scoping; then with the help of real-world examples, discuss the top 10 challenges of scoping penetration tests in the cloud to help reduce the number of issues that may arise. The goal is to ensure that pen tests are accurately scoped and are effective.
15:00 - 15:20

Remote Assessment - Lessons Learned and Looking Ahead

Presented by: Adam Bush, Director, Schellman Compliance and James Hamilton, Department Manager, Information Security, Enterprise Holdings, Inc.

Enterprise Holdings and Schellman welcome the opportunity to share their experience in Remote Assessments from both the merchant and QSA perspectives. In this session, you will learn how Enterprise and Schellman navigated moving from a fully onsite assessment to fully remote one, the lessons learned in supporting remote assessment as a merchant and QSA, and thoughts about how remote assessment and onsite assessment both have a place moving forward.

All Things Mobile: Wherever People Pay

Presented by: Mayke Ploeger, Technical Team Lead, Adyen

The change from classical terminals to fully mobile solutions, how this increases complexity and affects security requirements. A simplified architecture of a ‘Spider in the web’ solution will be shown, explaining how a single application can provide all forms of payments on smartphones, terminals, Ecom etc. In practice this solution will require a collaboration of a variety of software and hardware components resulting in a fairly unstructured web. This talk will provide some structure to this.
15:25 - 15:45

Navigating PCI Payment Solutions

Presented by: Andrew Jamieson, VP, Solutions, PCI Security Standards Council and Jake Marcinko, Senior Manager, Solution Standards, PCI Security Standards Council

Learn about how the different PCI validated products/solutions work together in the environment:
  • Different models/approaches
  • Risk considerations
  • Impact on each other in the same environment
  • PCI DSS v4.0 considerations

How PCI DSS Can Help You Securing Your Critical Infrastructure

Presented by: Christopher Kristes, Executive Board Member, usd AG and Vinzent Ratermann, Managing Consultant, usd AG

The EU NIS2/RCE regulations aim at protecting critical infrastructures including in the financial sector. Although these regulations have not been published in their final versions Germany has been a first mover by already releasing its local implementation called IT Security Law 2.0. This talk introduces the synergies and differences between NIS2/RCE and PCI DSS on the example of the German regulation and provides practical insights from assessments in financial environments where both applied.
15:45 - 16:45

Networking Break and Vendor Showcase

Sponsored by

Take advantage of the extended time to reconnect in-person with our vendors!
16:45 - 17:05

Track One (Tech Demos)

JavaScript Integrity: The New Attack Surface

Presented by: John Elliot, Security Advisor, Jscrambler

Our presentation demonstrates how malicious JavaScript can skim cardholder data from payment form fields. We will show how Jscrambler's Webpage Integrity protects the payment page, and therefore the consumer, by: Creating a dynamic inventory of all scripts; Monitoring, in real-time, the integrity of each script on the page, guaranteeing that all of them are performing as intended and have not been tampered with; Preventing the execution of the malicious script and defeating the attack; Alerting the website owner in and identifying the source of the malicious script. Jscrambler's Webpage Integrity meets the new requirements 6.4.3 and 11.6.1 in PCI DSS v4, which were designed to ensure the integrity of payment page scripts and to detect tampered scripts in the consumer's browser.

Track Two (Tech Demos)

Foundational Network Configuration Security - Zero Trust and PCI DSS 4.0 Assurance at Scale

Presented by: Ian Robinson, Chief Architect, Titania, Ltd.

Foundational network configuration security for Zero Trust and PCI DSS 4.0 assurance at scale. We consider some best practices for embedding security as a continuous process to address the fact that CDE change on a daily basis including network segmentation; abandoning sampling; adopting a zero trust approach. Titania will share how the new-to-market capabilities of Nipper Enterprise enable network owners to accurately automate security &; compliance assessments of every router, switch and firewall in a network on up to an hourly basis. See how the continuous view of actual security and PCI DSS compliance that it provides gives users the assurance that networking devices are performing as intended, that CDEs remain protected from preventable attack, and that payment card data is safe.
17:10 - 17:30

VikingCloud Asgard Platform – Providing Continuous Cybersecurity and Compliance

Presented by: Alexander Norell, Global Security Architect, VikingCloud

VikingCloud has built a next generation AI predictive platform that provides continuous cybersecurity and compliance tools in a single portal. Tackle challenges ranging from real-time security alerts with real-time dashboards to complex compliance assessments. In this demo you will see: Powerful and simple to use dashboards that can drill down to exactly the data you need, A unified findings repository that provides a holistic view across your entire enterprise, A powerful GCRS tool that can easily track complex compliance audits.

Why Software Still Stinks and What You Can Do About It!

Presented by: Lisa Parcella, Vice President of Product Management and Marketing, Security Innovation

Ever wish someone explained cyber attacks/hacks in plain language, using easy to understand metaphors, and made you laugh while doing it? Well, here it is. Come watch me hack a live cloud application and explain 5 top attacks. Fun!
17:35 - 17:55

The Rising Threat of Eskimming and What to Do About It

Presented by: John (JB) Bartholomew, Senior VP of Technology, SecurityMetrics

E-commerce skimming impacts thousands of online retailers and results in the loss of millions of dollars. 25-year veteran in Tech, John Bartholomew (SVP of Technology), will use data from over 500 forensic investigations to show why eskimming is on the rise, as well as the technical and financial threats of eskimming and formjacking. He will cover how hackers are developing more sophisticated eskimming techniques, including a new way that cyber criminals are hacking iframes that are undetectable by current security tools
18:00 - 19:30

Networking Reception and Vendor Showcase

Thursday, 20 October

08:30 - 12:30

Registration Open

Sponsored by
09:30 - 11:30

General Sessions

Emceed by: Sherron Burgess, Senior Vice President and Chief Information Security Officer, BCD Travel; Board Member and Vice President, Strategic Development, Cyversity

09:30 - 09:45

Welcome Remarks

Presented by: Sherron Burgess, Senior Vice President and Chief Information Security Officer, BCD Travel; Board Member and Vice President, Strategic Development, Cyversity

09:45 - 10:15

Industry Keynote - The Payment Threat Landscape: Today and Tomorrow

Presented by: Confidence Staveley, Award-winning Cybersecurity Professional, Cybersecurity Awareness and Inclusion Advocate, Founder and Executive Director, CyberSafe Foundation

Sponsored by

As the world becomes more digitally connected and the drive for financial inclusion grows, the payment threat landscape has also expanded. In this session, we explore the connection between the African payment threat landscape and the rest of the world, showcasing creative ideas for driving user-centric cybersecurity awareness campaigns and signposting predictions for the future of payments globally.
10:15 - 10:45

Embracing the Journey to PCI DSS v4.0

Presented by: Emma Sutcliffe, SVP, Standards Officer, PCI Security Standards Council

10:45 - 11:05

Seismic Change or a Mere Ripple: Changes to Reporting for PCI DSS v4.0

Presented by: John Bloomfield, Manager, Data Security Standards, PCI Security Standards Council and Brandy Cumberland, Director of Program Quality, PCI Security Standards Council

This session will help you understand changes made to reporting documentation to reflect PCI DSS v4.0 updates and how those changes support security as a continuous process. In this session, PCI SSC will discuss updates to the SAQs, ROCs, and AOCs.
11:05 - 11:30

Understanding the New Customized Approach: Separating Fact From Fiction - A Panel Discussion

Moderated by: Lauren Holloway, Director, Data Security Standards, PCI Security Standards Council

Panelists: Marc Bayerkohler, Standards Trainer, PCI Security Standards Council; Brandy Cumberland, Director of Program Quality, PCI Security Standards Council and Tom White, Senior Manager, Content Development, PCI Security Standards Council

Change can be hard, but it doesn't have to be. Understanding the intent behind changes to PCI DSS v4 is key, and in this session, members across PCI SSC will do some myth-busting and clarify aspects of the new Customized Approach in PCI DSS v4.0 to help you understand whether it is right for your organization.
11:30 - 12:00

Networking Break and Vendor Showcase

12:00 - 12:20

Track One

Current Cyber Threat Landscape

Presented by: Dr. Berny Goodheart, Manager, Lab Programs, PCI Security Standards Council

This session will inform security professionals about some of the current threats and a review of the latest cyber threats currently being tracked in the Cyber Community. We will discuss, the provenance surrounding new threats, what to look out for, and examples of new age of ransomware and how phishing attacks are evolving.

Track Two

Solving PCI DSS v4.0 Challenges With Confidence

Presented by: Loïc Bréat, CISA, CISM, PCI QSA, 3DS QSA, EMEA, Payment Security Practice Regional Lead, Verizon Business Consulting Services – Cyber Security Consulting

A overview of the 2022 Payment Security Report - 165 pages of the latest groundbreaking insights. The key to PCI DSS v4.0 compliance and data security success: focus! You need a method to focus on clearly defined goals and objectives, stop being busy with tasks that don’t promote sustainable control effectiveness and to overcome constraints. This session reveals details on how to succeed - an exact method for logically solving security compliance complexities and improve performance maturity.
12:25 - 12:45

The Future of Cyber Risk and Compliance Management for Merchant Service Providers

Presented by: Richard Jones, Business Development Director, Advantio Ltd.

Join this session to learn how MSPs can employ new techniques to better understand the cyber resilience and maturity of their merchants to reduce risk and increase levels of compliance.
  • Placing the emphasis on risk: Techniques to rapidly cyber risk profile and a merchant portfolio.
  • Remediation: How SMB merchants can prioritise resource and investment where it will make a difference.
  • Raising the cyber security bar for SMB merchants: keeping them safe and ahead of the game.

How to Anticipate the Advent of the Quantum Computer

Presented by: Oscar Covers, Chairman of the security working group of the European Card Payment Association (ECPA SWG), European Card Payment Association (ECPA)

Quantum computing is a fundamental research area that is progressing quickly. This technology is expected to have a profound impact on many of the world’s largest markets and will potentially also pose a great threat to cryptography as we know it. As financial sector, it is key to understand to which extent advances in quantum computing affect the security of the core banking & payment services. There is still much uncertainty about quantum computing, but there are also a couple of certainties.
12:50 - 13:20

Threats From the Dark Side – A Dark Web Tour From a PCI DSS Perspective

Presented by: Christopher Strand, PCIP, Chief Risk and Compliance Officer, Cybersixgill

Cybercriminals are moving at a staggering pace and have evolved on the deep and dark web to take advantage of vulnerabilities in sophisticated new ways. Illicit dark web forums, access brokers, and hacking groups are among a few entities that hunt for valuable data and exploit it for nefarious purposes. In this session we will take an interactive tour of the dark web with examples of how dark web threat actors are positioning themselves to target PCI related data and systems.

Transitioning to PCI DSS v4.0 at a Large European Merchant

Presented by: Tomás Perlines, Head of Payment Security, Schwarz IT KG

Schwarz Group is the leading European retailer providing card payments via multiple payment channels throughout its subsidiaries, among them being the retail brands Lidl and Kaufland with more than 12.000 locations. Transitioning to PCI DSS v4.0 raises a challenge for all operational payment channels. We will outline how we manage the route to PCI DSS v4.0 using a standardised approach with the support of innovative technologies.
13:20 - 14:20

Networking Lunch and Vendor Showcase

General Sessions

14:20 - 14:40

What’s in a Number? 8-Digit BINs and PCI Standards

Presented by: Emma Sutcliffe, SVP, Standards Officer, PCI Security Standards Council

Join this session to understand how the introduction of 8-digit BINs might affect your approach to truncation and masking, and how these approaches are supported by the PCI standards.
14:40 - 15:00

Exploring What’s In Store With EMV® 3-D Secure

Presented by: Richard Ledain, EMV 3DS Working Group, EMVCo and Mike Thompson, Director, Solutions, PCI Security Standards Council

EMV® Three-Domain Secure (EMV 3DS) and the PCI 3DS Core and 3DS SDK Standards are helping issuers, acquirers and merchants prevent fraud across e-commerce channels and devices. Join PCI SSC and EMVCo to learn why fighting online payment fraud is essential. Don’t miss this overview of EMV 3-D Secure (3DS), as PCI SSC and EMVCo explore the latest technical developments, and present the evolving PCI 3DS Core and 3DS SDK Security Standards and how they complement the EMV® 3DS Specification.
15:00 - 15:20

Top 5 Ways to Engage with PCI SSC and the Community

Presented by: Lindsay Goodspeed, Senior Manager, Corporate Communications, PCI Security Standards Council; Mark Meissner, SVP, Education & Engagement Officer, PCI Security Standards Council and Elizabeth Terry, Senior Manager, Community Engagement, PCI Security Standards Council

Join us to learn about the top 5 ways to engage with PCI SSC and the community, including the extensive PSS DSS v4.0 resources and the growing list of engagement opportunities – all developed to make an impact and educate our community members about safe payments worldwide.
15:20 - 15:25

Closing Remarks

Presented by: Mark Meissner, SVP, Education & Engagement Officer, PCI Security Standards Council

15:40 - 17:40

Assessor Session (QSAs, ISAs, ASVs, PFIs, QPAs, CPSAs, SSF, P2PE, 3DS assessors only)

As an active assessor in the PCI SSC programs, join us for a special session to hear industry best practices, recent case studies, Council updates, live Q&A and networking opportunities with your peers.