The PCI Security Standards Council (PCI SSC) has updated its security requirements to improve the security of data and other components in the making of payment cards.
The updated standards protect against fraud that could occur if card materials are compromised and include both logical and physical security requirements of card production, including manufacturing of the cards, embedding chips, card personalization and even mailing and shipping.
The PCI Council maintains the standards but payment brands manage the assessments. The Council has urged card makers and brands to work closely together to implement and review compliance to the new requirements.
Noting the need to “increase security across the payment chain” to meet current threat and business realities, PCI SSC Chief Technology Officer Troy Leach said in a press release that the updated requirements “will help card vendors secure the card production process from design all the way through delivery.”