New Database Lets PCI Share Information With Banks and Vendors
April 11, 2008 · Print This Article
Today, the Payment Card Industry Security Vendor Alliance, or PCI SVA, stated that it has developed and launched the PCI Knowledge Base. This searchable database will be accessible by lenders, banks, and merchants who need to access the PCI SVA’s vast store of information about the various payment cards available in the market today.
The Payment Card Industry Security Vendor Alliance is an organization of independent vendors who want to assist the payment card industry in achieving compliance with the Payment Card Industry Data Security Standard (PCI DSS). The PCI SVA is not associated with the Payment Card Industry Security Standards Council, but it sympathizes with the goals of that organization, and individual members of the PCI SVA may also be members of the Payment Card Industry Security Standards Council.
The PCI Knowedge Base, at this point, has more than 1,200 entries detailing with how to best comply with the challenging, ever-evolving Payment Card Industry Data Security Standard. Over 75 hours of interviews with banks, merchants, and card processing companies were compiled to give readers an idea of what ways of enforcing data security work the best in practice. Now, other merchants, banks, vendors, and PCI risk assessors have access to all that information, anonymously.
What are some of the most important findings to be gleaned from the PCI Knowledge Base
First of all, over 80% of risk assessors say that they don’t actually undertake a risk management analysis of payment card practices. Instead, they just follow a checklist, on which one must get a perfect score to be compliant with the PCI DSS.
Second, over 75% of the merchants interviewed by the PCI SVA say that they are more concerned with succeeding at what is known as “Paper Compliance” and avoiding having to pay fines, rather than achieving sustainable “Operational Compliance.”
These and other surprising statistics were revealed at the RSA Conference held in San Francisco earlier today.
Comments
Got something to say?
You must be logged in to post a comment.