PCI DSS standards to face open comment

Share this article:

The PCI Security Standards Council (PCI SSC) is looking for feedback on its payment industry guidelines and plans to roll out an online tool to make providing input easier.

Member organizations have from July 1 to Nov. 1 to provide “detailed and actionable feedback" on the current version of the Payment Card Industry Data Security Standard (PCI DSS), according to an announcement Wednesday. The move is being made so that the council can gather information for revising future editions of the standards. Revisions based on the feedback may be released in the fall of 2010.

The standards up for comment are for versions 1.2 of the PCI DSS and Payment Application DSS.

The council also announced that it plans to hold two community meetings at which stakeholders have an opportunity to propose and discuss revisions to the next version of the standards. The meetings are planned for Las Vegas and Prague at the end of September and November, respectively. More information is available here.

The feedback from the meetings will be referred to the council's technical working group, which decides whether to recommend a revision or a new version.

Meanwhile, a new electronic feedback tool can make it easier for organizations to prepare feedback on the PCI DSS and PA DSS standards -- on up to five key areas of their choosing, according to the announcement. The form is expected to be distributed electronically on July 1 to members.

 

 

Share this article:
close

Next Article in News

Sign up to our newsletters

More in News

Leahy bill would end bulk data collection, introduce reforms

Leahy bill would end bulk data collection, introduce ...

Sen. Patrick Leahy introduced an NSA reform bill that would update the USA Freedom Act.

House passes two cyber security bills

One bill aims to improve agencies' website security, while another works to thwart critical infrastructure attacks.

A five-month-long Tor attack attempting to 'deanonymize' users

For roughly five months beginning in January, traffic confirmation attacks were used to attempt to "deanonymize" Tor users.