Is The Pci Dss Enough?
The Payment Card Industry Data Security Standard (PCI DSS) was created by the five major credit card companies to guide merchants that store, process, or transmit credit card data toward creating a safe environment for those transactions. The goal was to help merchants identify and correct problems before hackers can take advantage of them.
The question then becomes: is the PCI DSS enough to do this?
Security breaches are a dangerous thing for both merchants and consumers. The detrimental effects on a consumer losing their personal data should be obvious. The effects to merchants can be far reaching and just as painful. The consequences for a merchant could include regulatory notification requirements, loss of reputation, loss of customers, financial liabilities, and, of course, litigation.
Tags: data security, outsourcing, payment processing, PCI compliance, PCI DSS, PCI DSS compliant, security