Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:55 PM
Nancy Feig
Nancy Feig
Connect Directly

Five Leading Payment Brands Unite to Strengthen Global Data Security

PCI Security Standards Council solicits involvement from payments stakeholders on data security.

American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International on Sept. 7 announced the formation of an independent council designed to manage the ongoing evolution of the Payment Card Industry Data Security Standard, which focuses on improving payment account security through the transaction process. The founding of the PCI Security Standards Council (Wakefield, Mass.) will lead to higher security protection against data theft and fraud for more than one billion global payment card users, according to a joint release.

"The main point here is that we want to make this simpler for everyone," says Seana Pitt, chairwoman, PCI Security Standards Council and VP of global merchant policy and data quality at American Express. The council, which first met in January, was established to "drive adoption and awareness of the standards," Pitt says.

Pitt also emphasized the council's desire to engage more stakeholders. "Ensuring the security of electronic payments is of paramount importance to all stakeholders, not just the payment brands," she relates. The council has invited merchants, payment device and service vendors, processors, and financial institutions to participate in the new organization and to play a role in securing payment account data.

Participating organizations will be able to recommend changes, provide input on future initiatives, have access to and the ability to comment on drafts of potential changes to security standards in advance, and influence the organization's overall direction.

"The payment brands that founded the council are committed to ensuring ongoing development of data security standards that are both efficient and effective," Pitt explains. "The creation of this council is a significant step forward in protecting cardholder information and it underscores the critical nature of this effort."

By establishing the independent council to manage the PCI data security standard for the payments industry, the founding members are developing a system that is more accessible and efficient for all stakeholders including merchants, processors, point-of-sale vendors and financial institutions.

Specifically, the PCI Security Standards Council will:

  • Develop and maintain a global, industry-wide technical data security standard for the protection of accountholder information.
  • Reduce costs and lead times for the Data Security Standard implementation and compliance by establishing common technical standards and audit procedures for use by all payment brands.
  • Provide a list of globally available, qualified security solutions providers via its Web site to help the industry achieve compliance.
  • Lead training, education and a streamlined process for certifying qualified security assessors (QSA) and approved scanning vendors (ASV), providing a single source of approval recognized by all five founder members.
  • Provide a transparent forum in which all stakeholders can provide input into the ongoing development, enhancement and dissemination of data security standards.

    Comment  | 
    Print  | 
    More Insights
  • Register for Bank Systems & Technology Newsletters
    Bank Systems & Technology Radio
    Archived Audio Interviews
    Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.