Guest Perspective: New Year’s Eve Countdown to PCI DSS 3.0

The beginning of 2015 was the deadline for compliance to the new PCI DSS 3.0 standards. PCI DSS 3.0 was created in response to large data breaches, the increasing risks of omni-channel commerce and new payment processing technology. While most of the changes from PCI DSS 2.0 to PCI DSS 3.0 were clarifications of previous requirements, some greatly alter standards of compliance. For example, 3.0 requires not only the systems that handle card data to follow PCI DSS guidelines, but also all unrelated systems in the same network as well as the systems that affect their security. These sorts of changes have caused some grumbling among merchants, but security experts expect PCI DSS 3.0 compliant merchants to better prevent payment security problems and stop omni-channel fraud.
Our very own Frank Stornello, Chief Marketing and Strategy Officer,  is quoted by The Green Sheet about PCI DSS 3.0 and the importance of protecting the full transaction life cycle. He reminds us that shoppers lose trust when merchants show security weaknesses. The article also outlines the enhanced PCI DSS 3.0 protections for e-commerce, the need for careful preparation for compliance with PCI DSS 3.0, the different categories of e-merchants and the burden placed on merchants who remain the first line of defense in protecting sensitive cardholder information.
Given these burdens and the risks to reputation when security is lax, merchants should not only be PCI DSS 3.0 compliant but go the extra mile to encrypt, tokenize, and protect their data. Stay as informed as possible about the secure payment processing environment and invest in your reputation.