Five Payment Brands Unite To Strengthen Global Data Security

American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International have announced the formation of an independent council - the PCI Security Standards Council - designed to manage the ongoing evolution of the Payment Card Industry (PCI) Data Security Standard.

The founding of the PCI Security Standards Council, LLC, marks a significant milestone in the payment industry's efforts to secure payment account data in a globally consistent manner. Ultimately this means that more than a billion global payment card users will benefit from a higher level of security protection against data theft and fraud.

By establishing the independent Council to manage the PCI Data Security Standard for the payments industry, the founding members are developing a system that is more accessible and efficient for all stakeholders including merchants, processors, point-of-sale (POS) vendors and financial institutions.

Specifically, the PCI Security Standards Council will:

• Develop and maintain a global, industry-wide technical data security standard for the protection of accountholder account information;
• Reduce costs and lead times for Data Security Standard implementation and compliance by establishing common technical standards and audit procedures for use by all payment brands;
• Provide a list of globally available, qualified security solution providers via its Web site to help the industry achieve compliance;
• Lead training, education, and a streamlined process for certifying Qualified Security Assessors (QSA) and Approved Scanning Vendors (ASV), providing a single source of approval recognized by all five founding members; and
• Provide a transparent forum in which all stakeholders can provide input into the ongoing development, enhancement and dissemination of data security standards.

"Ensuring the security of electronic payments is of paramount importance to all stakeholders, not just the payment brands," continued Pitt.

To that end, the PCI Security Standards Council invites all parties with a role to play in securing payment account data -- including merchants, payment devices and services vendors, processors, financial institution and others -- to participate in the new organization.

Participating organizations will be able to recommend changes, provide input on future initiatives, have access and the ability to comment on drafts of potential changes to security standards in advance, as well as influence the organization's overall direction. In addition, participating organizations will be able to elect or serve as a member of the PCI Security.

The PCI Security Standards Council will serve as an advisory group and manage the underlying PCI security standards and each payment card brand will remain responsible for their own compliance programs.

As its first action, the PCI Security Standards Council also announced the PCI Data Security Standard version 1.1. The new standard addresses evolving security threats and recommends that merchants and vendors take action to fortify application and network level security. It provides a framework for ongoing PCI compliance.

Source: Paymentsnews.com

This issue home | Back | Next

© 2006-2010 ACH Direct, Inc. All rights reserved.
ACH Direct, Inc. is a registered ISO and MSP of HSBC Bank USA NA, Buffalo, N.Y.

Legal Information | Privacy Statement