Wednesday, January 25, 2012

PCI in Review

The number of customer data breaches has reportedly decreased from over 350 million in 2008 to less than 4 million in 2010, according to Verizon Communications research. Visa Inc., along with the PCI Council, instituted programs to encourage more usage of EMV (chip and PIN pad, or smartcard), with incentives to reduce PCI compliance fees if they met implementation deadlines.
Visa issued its own study showing that in 2010 a larger percentage of payment service providers were improving their PCI compliance.

  • In January 2011 Version 2.0 of PCI DSS and PA-DSS became effective.
  • In February 2011 the PCI Council announced newly enhanced educational offerings.
  • In March 2011 the PCI Council strengthened approved scanning vendor programs with a new PCI DSS training program.
  • In June the PCI Council announced that PCI Awareness online training was now available, as well as virtualization guidelines for PCI compliance.
  • In August 2011 the PCI Council released guidelines for the tokenization security process as well as PCI wireless guidelines.
  • In September the PCI Council published requirements for using advanced end-to-end (E2E) encryption to limit PCI scope.
  • In October 2011, after stating that it would no longer approve any mobile application as PCI certified, the PCI Council announced that it would offer testing for encryption used in new mobile devices that manufacturers were developing or that merchants had in use.
  • In November 2011 the PCI Council announced that special interest groups would be involved in studying online and cloud computing security in 2012 to establish new security compliance standards.

PCI will continue to grow and evolve. If you have not started addressing PCI in your business, there is no better time than now to begin. Make it your New Year’s resolution to reach out for assistance and protect yourself as soon as possible. Contact an STCR Representative for more information at (607) 757-0181.