PCI standard version 1.2 expected out in October

Share this article:
The second installment of the Payment Card Industry Data Security Standard (PCI DSS) is due out in the fall.

PCI DSS version 1.2, the first update since September 2006 when the PCI Security Standards Council began driving the standard, is due out in October and incorporated feedback from some 450 participating organization, the council announced Wednesday.

The council said it tapped into recommendations from retailers, security product vendors, electronic funds transfer networks, point-of-sale application developers and banks.

The new version of the standard will contain a number of changes, including a more concentrated list of sub-requirements to avoid overlapping; further clarification on reporting protocols; and expanded sections for glossary searches and frequently asked questions.

"We believe adoption of PCI DSS version 1.2 will increase cardholder data security and minimize the risk of data breaches that can challenge the positive public perception of the security practices of merchants and financial institutions involved in the payments chain," said Bob Russo, general manager of the PCI council.

According to the latest figures from Visa, one of the five major global card brands which has agreed on the PCI DSS, 65 percent of level-one merchants -- which process more than six million card transactions per year -- have attained compliance with the standard.

The figures, released in October, also show that 43 percent of level-two retailers -- processing between one and six million transactions per year -- met the requirements.

At press time, a Visa spokesman was checking to see if the payment brand had any current stats.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.