PCI Security Standards Council Collaborate on Securing Future of Payments

  • PCI Council
  • 09.15.14
The PCI Security Standards Council, an open global forum for the development of payment card security standards, gathered cross-industry leaders in Orlando to collaborate on securing the future of payments.

Gathering with more than 1,200 of the world’s payment security experts at its annual North American PCI Community Meeting, the Council called for greater collaboration on strong industry-led standards; technology solutions that devalue and protect data; and vigilance in making payment security a business-as-usual practice.

Keynote presentations from cybersecurity experts underscored the complexity and global nature of today’s malware and other threats, emphasizing the importance of collaboration and information sharing across industries, and people, process and technology working together to secure payments.

“We are the good guys, fighting the good fight, and we are going to unite with you against our common enemy, organized crime," said Stephen W. Orfei, the new PCI SSC general manager, speaking to the PCI community for the first time. "Collaboration, which starts here, is critical to securing the future of payments.”

Conference tracks focused on helping attendees understand PCI Standards, solutions and services, industry approaches to security and how to apply them in today’s business environment. Key discussion topics included:
  • Helping retailers and others make payment security business-as-usual
  • Shifting the dialogue from one of compliance to risk mitigation and security vigilance
  • Protecting against malware and other complex threats with a multi-layered approach
  • Using metrics to make the business case for PCI
  • Understanding the EMV chip migration process in the U.S. and how to integrate this with PCI efforts to increase card security and reduce fraud
  • Upgrading point-of-sale (POS) terminals using the PCI PTS product listing
  • Implementing multi-channel protections to address card-not-present fraud
  • Leveraging technology to devalue and protect data
  • Properly identifying and scoping the cardholder data environment
  • Implementing EMV chip, tokenization and point-to-point encryption solutions as part of a layered approach

Attendees shared case study presentations and lessons learned in security efforts; discussed recently released guidance on topics including skimming, maintaining PCI DSS compliance and managing third party risk; and proposed new focus areas for industry-led special interest group (SIG) projects to address market needs.

The meeting in Orlando is the first of three PCI Community Meetings this year.



Related Articles
want to read more articles like this?

want to read more articles like this?

Sign up to receive our twice-a-month Watercooler and Siegel Sez Newsletters and never miss another article or news story.