The Future of PCI

The PCI Security Standards Council’s Jeremy King reports says retail networks are still too easy for hackers to penetrate, and expose the weaknesses in PCI security practices. “Poor passwords or weak passwords are the No. 1 challenge we all have to address,” he says. “This is not low hanging fruit—this is fruit lying on the floor waiting to be picked up.” King also notes that new payments technology, such as mobile and emerging e-commerce transactions, is further complicating PCI compliance, even in markets where chip and PIN transactions are routine. Moreover, King cites EMV technology’s inability to accommodate card-not-present transactions as an additional security risk. And although end-to-end encryption addresses such risk, retailers have to consistently make sure they are not accidentally storing card data or sending data in a way that poses new risks to cardholders. Still, King is confident the industry is in a better position to resolve such threats, especially with the council’s international expansion. “Now we can get a true global perspective about what are the challenges and what is working,” he says.

[divide]

From “The Future of PCI”
BankInfoSecurity.com (05/16/13) Kitten, Tracy