The global top-five card-payment companies have issued new worldwide Payment Card Industry (PCI) security standards, and have formed a council to encourage their adoption. American Express, JCB, MasterCard Worldwide, Visa International and Discover Financial Services have unveiled the new PCI Data Security Standard (DSS) version 1.1.
According to the new body, the standard has been updated to provide clarification to certain requirements and be able to deal better with complex requirements such as data encryption.
PCI is a set of specifications that control the handling of credit card information, and is required for all merchants who accept credit cards or store credit information. Those that fail to comply can face fines or lose their ability to handle credit cards. A recent survey by The Logic Group found that only 3 per cent of UK businesses are currently compliant.
But the new revised standard has already met with criticism. "Many merchants had heard that this new standard was imminent, so they waited to see whether it would be easier to conform to - which of course it isn't," claims David Taylor, vice-president of data security strategies at Protegrity.
"The need for security has not decreased over the past year. In fact, the standard makes little mention of increasingly important issues such as phishing."