Credit card security standard slammed


PCI DSS slammedThe PCI Data Security Standard (PCI DSS) -- a set of rules for merchants governing credit card processing security -- is facing criticism from industry professionals.

Portaltech, an eCommerce specialist, said that "some" security experts feel that the system offers only a "minimal baseline" of protection.

This in turn suggests that credit card customers are more vulnerable to fraud than they could be, as PCI DSS is the worldwide standard for protection against credit card breaches and scams.

The standard works through imposing controls on private data related to credit card details, which are highly prized by con artists.

Andrew Walker, Portaltech chief executive, said: "Even though there have been many versions of the standard, each one is more onerous than the last and has not been successful in ironing out the problems. "Look at online application vulnerabilities. They're arguably the fastest growing area of security, and for good reason -- exposures in customer-facing applications pose a real danger of a security breach."

PCI DSS was released in 2004 and is regularly updated.ADNFCR-2308-ID-19253744-ADNFCR

Published: 9 July 2009