Blog

On 9th December 2021, Information security researchers reported the discovery of a critical vulnerability in the Apache Log4j library (versions 2.0-beta9 to 2.14.1).

In this post, we shine a light on the ordinary, day-to-day work that helps make businesses more secure. 

A layered approach to security is the most effective. In this post, we provide the low-down on detective, responsive and recovery controls, in addition to preventative ones. 

Scams may change but the underlying psychology doesn’t. We present five weapons in the scammer’s armoury, plus some effective countermeasures.

Criminals are tweaking their scams for the times. At their core, however, the scams, their delivery and pay-out methods remain similar, if not the same. We explain how to avoid falling for them.

In this post, we'll look at how PCI DSS principles help inform management of third-party risks across a business.

Collaboration is one of the strengths of the payment industry. But any strength can also be weaponised as a weakness. We examine some of the ways that businesses can manage the risks of collaborating with third parties.

Here are our top tips for conducting a risk assessment.

A psychology paper on the science of bicycles provides some useful lessons to those devising information security training programmes.

Working with a trusted provider helps reduce data security risk, partly through minimising the impact of the Dunning-Kruger effect.

Merchants in Europe and the UK are getting ready for strong customer authentication. We’ve been receiving questions from customers about the testing process, which we'll cover in this post.

We’ve been receiving a lot of questions about SCA exemptions and what this means for those using the ANYpay gateway, so explain the key points in this blog.

Various myths have developed around strong customer authentication (SCA). We'll dispel them in this blog.

The payment card industry introduced data security standards (PCI DSS) more than a dozen years ago. This has helped embed a security culture around sensitive card data. These learnings can be scaled companywide. We offer advice on how.

Sometimes good security hygiene is not about shiny, new tools or big-budget initiatives. It’s about a few simple things done consistently and well. Here are five top tips for maintaining good security.

Nobody wants to fall victim to a phishing attack, but they are becoming increasingly common. Here's how you can fight back against email phishing attacks.

Data security is bigger than just payment card data security, particularly in the hospitality industry. Here's how you can prevent a breach.

A malware attack is probably the last thing on your mind, but they can strike at any time. Here are our top 10 tips to fight back against malware.

CEO fraud is when criminals impersonate company executives to trick employees, mostly in the finance department, into making unauthorised transfers.

Tokenisation is much talked about in a variety of payment contexts at the moment, so we thought we’d blog about it.

What is the Payment Card Industry (PCI) Data Security Standard (DSS)? Check out our frequently asked questions to find out more.

Tokenisation is the most secure method of storing sensitive data. Here are some of the ways payments and tokensation can help each area of your business.

Learn how Point to Point Encryption (P2PE) can protect your customers’ card data and help reduce card payment fraud.

PXP Financial offers P2PE as a managed service for customers. You can either implement our certified P2PE application or our full P2PE solution.

We operate P2PE as a managed service for our customers. It sits alongside our tokenisation service, which also helps protect sensitive data.

Our hosted point to point encryption (P2PE) and tokenisation services help you take card payment without taking card data, thereby reducing your liability and PCI DSS scope.

The real point of P2PE is removing sensitive cardholder data from your systems, leaving you with less data security concerns.

Data security is about protecting your brand, your reputation, plus your ability to trade and keep trading.