Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Data Security standards development enters new phase

PCI Security Standards Council : 16 November, 2009  (Company News)
The PCI Security Standards Council is entering the third phase of its open standards management and development activity after receiving input from hundreds of organisations
The PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security Requirements (PTS) and the Payment Application Data Security Standard (PA-DSS), has announced it is entering phase three of its open standards management lifecycle process where feedback from hundreds of stakeholders across the payment chain will be evaluated for the next iteration of the PCI DSS and PA-DSS.

Throughout phase two of the PCI Standards lifecycle process, insights were gathered from merchants, service providers, financial institutions, vendors, QSAs and ASVs and third party experts. This information will be discussed by the Council and reviewed by the Board of Advisors to determine what revisions may need to be made to the standards and the supporting documentation. The Board of Advisors is elected by PCI SSC's more than 500 Participating Organizations and includes twenty one organizations - from Cisco to McDonald's - that provide critical feedback to the ongoing enhancement of security standards managed by the Council.

The 2009 Community Meetings held in Las Vegas, NV and Prague, Czech Republic, enabled the Council to solicit valuable feedback from the Participating Organization and QSA/ASV stakeholders. This year, more than 700 delegates attended the meetings, contributing feedback in person. The meetings promoted lively discussion and uncovered many areas for exploration including:

- Formation of additional Council independent Special Interest Groups
- Guidance on how PCI standards impact issuers
- Logging best practices
- Reducing scope for PCI DSS
- Continued evolution of quality assurance programs
- Examining the impact of technologies like tokenization, end-to-end encryption, chip technology, and virtual terminals on PCI standards
- Building awareness of PCI Standards and resources among merchants of all sizes globally

'The Council received pointed and meaningful feedback on the PCI standards from the global stakeholders across the payment chain over the past four months, which we will evaluate in depth in order to ensure the standards are as effective as they can be," said Bob Russo, General Manager of the PCI Security Standards Council. "Our structured, but flexible, lifecycle process allows us to respond effectively to new security challenges so that organizations and assessors have the right tools for their security programs."

Additionally, Council members met with various association members to solicit industry feedback on the standards, including European Association of Payment Service Providers for Merchants (EPSM), International Air Transport Association (IATA), International Forecourt Standards Forum (IFSF), Merchant Advisory Group (MAG), National Association of ATM ISO's and Operators (NAAIO), National Association of Convenience Stores (NACS), National Retail Federation (NRF), UK Payments and VendorCom. Associations are vital stakeholders and this new regular meeting provides all parties an opportunity to bring their members questions, concerns and feedback directly to the Council.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo