Prioritized Approach to PCI Compliance Doesn’t Go Nearly Far Enough
Written by David TaylorMarch 4th, 2009
After breaches of at least two major card processors, the card brands and the standards committee are on the defensive and have finally bowed (somewhat) to the complaints of the merchant community by introducing a risk-based "Prioritized Approach framework" as a response to the recent data breaches of supposedly PCI compliant companies.
Unfortunately, opines GuestView PCI Columnist David Taylor, it does not go nearly far enough.
This Story Is Only Available For Premium Subscribers. Click Or Login In Below To Read The Rest Of This Story.
Already a Subscriber? Login Here
Leave a Reply
Readers, specifically those who want to comment on a story:
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
Is there really an improvement between a mag swipe and contactless tap if multi-factor authentication is required?
-Ed
