Businesses dealing with payment card transactions will need to examine in detail the freshly updated security requirements from the Payment Card Industry Standards Council in order to ensure continued compliance and protection for customers.
The Payment Card Industry Data Security Standard (PCI DSS) is managed by this organisation, and it is accepted internationally by businesses of all kinds. Sub-categories of the overall set of rules have been updated in order to move with the ever changing technology and the threats against which businesses and consumers must be robustly defended.
The regulations governing PIN Transaction Security (PTS) and Point of Interaction (POI) are now moving into version 3.0, with the update representing three years of continuous review and analysis that runs in cycles within the PCI. Many hundreds of businesses have been involved in formulating the update, which ensures that real world threats are addressed.
The PCI Standards Council has confirmed that new requirements will see the standardisation of PIN entry terminals. This will alter the current rulings, which differ depending on whether the terminal is manned by a member of staff, remotely monitored or comprehensively encrypted, and by replacing these separate rules with a unified update it should be easier to comply whilst security is simultaneously improved.
Several new regulations have been implemented in order to increase security in key areas. This includes replacing older, less secure wireless standards for payment card data transmission with more robust alternatives, as well as requiring encryption of consumer information whenever it is handled by businesses and at every point on its journey.
The PCI Standards Council has accepted that these stricter regulations will require suitable technology to support them and, as such, have approved additional technology to help firms adhere to the regulations and make payment card information much harder to access if you do not have the requisite authority.
The PCI Standard Council’s Bob Russo said that protecting customer data and preventing loss or theft would be made far easier under the new regulations, with blanket encryption and improved wireless protocols making all the difference.
