Recent changes to the PCI Digital Security Standard reflect learning from large-scale hacking attempts

18-10-2016

Author: Pearse Ryan, Arthur Cox and Andrew Harbison, Grant Thornton



This article was first published on SCL.org.

The Payment Card Industry Digital Security Standard (PCI DSS) is an information security standard for organisations that handle credit and debit cards from the major card companies, including Visa, MasterCard and American Express. Organisations that take payments from, process or store card details are obliged to meet the security standard. Those who fail to observe the standard can find themselves excluded from receiving credit card payments, and those who lose credit card numbers, or have them stolen, can face hefty fines for failure to meet the standard. This note discusses the new Release 3.2 of the standard, which has significant implications for card providers and their service providers.

Read the full briefing here.
