PCI 2014: From compliance to security
PCI 2014: From compliance to security

In September, the Payment Card Industry (PCI) Security Standards Council (SSC) codified an upgrade to the standards that regulate the entire payments card industry in the United States. But, say many of the experts with whom we spoke for this latest ebook, Version 3 of the Payment Card Industry Data Security Standards (PCI DSS) is not enough to protect the customer information preserved in countless databases. Others say that chip-and-PIN credit card technology – the Europay, MasterCard and Visa (EMV) standard, already prevalent in Europe and much of the rest of the world – will shore up security when it is integrated into U.S. payments transactions.

Other industry experts point to encryption or tokenization as the solution to stopping data breaches and point-of-sale attacks, like the one Target experienced late last year. To stop attacks and better protect customer data will take a combination of technologies, policies and training. The consensus from our panel of experts is that PCI DSS should be just one item on a far broader effort to integrate data security into enterprise risk management.

Click here to download this ebook on PCI.