PCI Security Council upgrades credit and debit card security verification standards

Monday 11 August 2014 13:13 CET | News

The Payment Card Industry Security Standards Council (PCI SCC) has updated its guidance to help merchants determine whether third-party service providers have implemented security measures to protect credit and debit cardholder data.

Under the initiative, internet and cloud service providers, online storage companies, call centers and other companies that offer services to retailers must show they have the security controls needed to protect any cardholder data they handle.

The new guidance, developed by a PCI special interest group representing merchants, banks and third-party service providers, aims to speed the process by offering tips to merchants on how to conduct risk assessments.

Merchants that want to remain compliant with PCI requirements will be required to obtain a written assurance from each of their service providers attesting to each providers readiness to handle credit and debit card data securely.

The guidance also includes advice on how merchants and service providers can share responsibility for implementing PCI security measures, offering recommendations on how merchants can set expectations, establish a communications plan and specify security responsibilities when signing up a third-party.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: PCI Security Council, credit, debit card, web fraud, online security, digital identity
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime

Industry Events