Study Finds Payment Card Data Security Lacking

Only 20 percent of payment card-accepting companies complied with the full set of international security standards in 2013, according to a report from Verizon. The 2014 PCI Compliance Report looked at how hundreds of retailers, hospitality companies, financial service firms and other organizations followed the standards established by the PCI Security Standards Council.

While complying with PCI standards is not required by law, companies that meet those requirements are better prepared to meet other regulatory security requirements. They can also be eligible for better commercial terms from payment card service providers.

Established in 2006, the PCI Security Standards Council is led by five founding members: American Express, Discover Financial Services, JCB International, MasterCard and Visa Inc. The group's standards are aimed at protecting the security of customer payment card data.

'Anything Less than 100 Percent an Issue'

Verizon's PCI Security practice has been assessing compliance with payment card security standards since 2009. Its latest report looks at 2011-2013 data provided by retailers, hotels, business offices, data centers and even an airport.

While few of the surveyed organizations met all 12 of the PCI security standards, a growing number are complying with most of them, the Verizon study found. More than 82 percent of businesses complied with PCI standards in 2013, compared with 32 percent in 2012.

However, organizations need to do more to ensure the safety and security of their customers' data, said Rodolphe Simonetti, managing director of the PCI practice for Verizon Enterprise Solutions.

"Anything less than 100 percent compliance is an issue for businesses today," Simonetti said. "We have seen time and time again that noncompliance leaves an organization open to credit card theft, which can potentially cost hundreds of millions of dollars when you factor in all the damages, not to mention lost consumer trust and the impact...

Comments are closed.