The number, scale and sophistication of data breaches fueled by hackers last year is rekindling the debate over the efficacy of the credit card industry's security standards for safeguarding customer data.
All merchants that handle credit and debit card data are required to show that they have met the payment card industry data security standards (PCI DSS), a set of technical and operational requirements designed to safeguard cardholder information from theft or unauthorized access.
Yet, some of the most notable data breach incidents last year targeted companies that had recently been certified as compliant with those standards, raising the question of whether the standards go far enough, or if entities that experienced a breach are falling out of compliance with the practices that led to their certification.
In a recent hearing on PCI standards at a House Homeland Security Committee panel, experts from the retail sector charged that the entire PCI scheme is only a tool to shift risk off the banks and credit card companies' balance sheets.
"The premise behind PCI -- that millions of retail establishments will systematically keep pace with the ever-evolving sophistication of today's professional hacker -- is just not realistic," said David Hogan, senior vice president and chief information officer for the National Retail Federation.
YOU CAN USE QUICK SEARCH ENGINE IN THE TOP FOR MORE DOWNLOADS OR DETAILS.
Computers Security Quick Search Engine :
Custom Search
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment