AWS Security Blog

Tag: PCI

PCI DSS logo

Updated PCI DSS and PCI PIN compliance packages now available

Amazon Web Services (AWS) is pleased to announce enhancements to our Payment Card Industry (PCI) compliance portfolio, further empowering AWS customers to build and manage secure, compliant payment environments with greater ease and flexibility. PCI Data Security Standard (DSS): Our latest AWS PCI DSS v4 Attestation of Compliance (AOC) is now available and includes six […]

Main Image

Updated whitepaper: Architecting for PCI DSS Segmentation and Scoping on AWS

Our mission at AWS Security Assurance Services is to assist with Payment Card Industry Data Security Standard (PCI DSS) compliance for Amazon Web Services (AWS) customers. We work closely with AWS customers to answer their questions about compliance on the AWS Cloud, finding and implementing solutions, and optimizing their controls and assessments. We’ve compiled the […]

Main Image

Spring 2024 PCI DSS and 3DS compliance packages available now

Amazon Web Services (AWS) is pleased to announce that three new AWS services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) and Payment Card Industry Three Domain Secure (PCI 3DS) certifications: Amazon DataZone Amazon DevOps Guru Amazon Managed Grafana You can see the full list of services […]

Amazon Macie

How to perform a proof of concept for automated discovery using Amazon Macie

Amazon Web Services (AWS) customers of various sizes across different industries are pursuing initiatives to better classify and protect the data they store in Amazon Simple Storage Service (Amazon S3). Amazon Macie helps customers identify, discover, monitor, and protect sensitive data stored in Amazon S3. However, it’s important that customers evaluate and test the capabilities […]

PCI Security Standards Council logo

AWS Payment Cryptography is PCI PIN and P2PE certified

Amazon Web Services (AWS) is pleased to announce that AWS Payment Cryptography is certified for Payment Card Industry Personal Identification Number (PCI PIN) version 3.1 and as a PCI Point-to-Point Encryption (P2PE) version 3.1 Decryption Component. With Payment Cryptography, your payment processing applications can use payment hardware security modules (HSMs) that are PCI PIN Transaction […]

Amazon Macie

Detect Stripe keys in S3 buckets with Amazon Macie

Many customers building applications on Amazon Web Services (AWS) use Stripe global payment services to help get their product out faster and grow revenue, especially in the internet economy. It’s critical for customers to securely and properly handle the credentials used to authenticate with Stripe services. Much like your AWS API keys, which enable access […]

PCI DSS logo

Latest PCI DSS v4.0 compliance package available in AWS Artifact

Amazon Web Services is pleased to announce that eight additional AWS services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) v4.0 certification: AWS AppFabric Amazon Bedrock AWS Clean Rooms AWS HealthImaging AWS IoT Device Defender AWS IoT TwinMaker AWS Resilience Hub AWS User Notifications Coalfire, a third-party […]

PCI Serverless Blog Image

Transforming transactions: Streamlining PCI compliance using AWS serverless architecture

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is critical for organizations that handle cardholder data. Achieving and maintaining PCI DSS compliance can be a complex and challenging endeavor. Serverless technology has transformed application development, offering agility, performance, cost, and security. In this blog post, we examine the benefits of using AWS […]

PCI DSS logo

Spring 2023 PCI DSS and 3DS compliance packages available now

Amazon Web Services (AWS) is pleased to announce that seven additional AWS services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) and Payment Card Industry Three-Domain Secure (PCI 3DS) certifications. The compliance package for PCI DSS and 3DS includes the Attestation of Compliance (AOC), which shows that […]

PCI logo

Updated whitepaper available: Architecting for PCI DSS Segmentation and Scoping on AWS

Amazon Web Services (AWS) has re-published the whitepaper Architecting for PCI DSS Scoping and Segmentation on AWS to provide guidance on how to properly define the scope of your Payment Card Industry (PCI) Data Security Standard (DSS) workloads that are running in the AWS Cloud. The whitepaper has been refreshed to include updated AWS best […]