Credit card security standard slammed
By UK CreditCards.com
The PCI Data Security Standard (PCI DSS) -- a set of rules for merchants governing credit card processing security -- is facing criticism from industry professionals.
Portaltech, an eCommerce specialist, said that "some" security experts feel that the system offers only a "minimal baseline" of protection.
This in turn suggests that credit card customers are more vulnerable to fraud than they could be, as PCI DSS is the worldwide standard for protection against credit card breaches and scams.
The standard works through imposing controls on private data related to credit card details, which are highly prized by con artists.
Andrew Walker, Portaltech chief executive, said: "Even though there have been many versions of the standard, each one is more onerous than the last and has not been successful in ironing out the problems. "Look at online application vulnerabilities. They're arguably the fastest growing area of security, and for good reason -- exposures in customer-facing applications pose a real danger of a security breach."
PCI DSS was released in 2004 and is regularly updated.
Published: 9 July 2009
- What protections do credit cards offer (besides Section 75)? – Section 75 is a well-known credit card protection, but it's not the only one. Here are some lesser-known defences ...
- Equifax reveals millions affected in data breach – Millions of records were accessed and hundreds of thousands are at high risk after the Equifax data breach ...
- Equifax suffers major breach - are you affected? – A breach at Equifax exposed details of millions of US consumers - and some UK consumers. Here's what you need to know ...