Looming EU data protection rules could result in big regulatory penalties for businesses that suffer cybersecurity breaches, the tenth-anniversary European meeting of the PCI Security Standards Council (PCI SSC) heard.
The PCI Europe Community Meeting in Edinburgh heard that organisations handling payment card data must adopt PCI Data Security Standard (PCI DSS) version 3.2 as soon as possible to prevent, detect and respond to cyber attacks that can lead to data breaches. Version 3.1 expired on October 31, 2016.
PCI SSC General Manager Stephen Orfei said: “We are proud of the advances in payment security that we’ve made together as an industry here in Europe and around the world. We are also aware of the very real threat of cybercrime to global commerce today. Now, more than ever, we must join forces to devalue payment data and make it useless to criminals.”
Worldpay (UK) announced at the meeting that its P2PE (Point-to-Point Encryption (P2PE)) solution has been PCI approved and is now listed on the PCI SSC website as a PCI Validated P2PE Solution.
The PCI SSC Small Merchant Task Force, co-chaired by Barclaycard, urged banks, technology providers and security assessors with small business customers to adopt and disseminate
newly published PCI Payment Protection Resources for Small Merchants.
For more from the event, visit the PCI Perspectives Blog: https://blog.pcisecuritystandards.org/.
The PCI Asia-Pacific Community Meeting in Singapore runs on November 16 and 17.
