Wednesday, May 19, 2010

Keeping up with PCI

For the last couple of years there has been a lot of buzz about PCI. PCI stands for the Payment Card Industry. PCI DSS (Payment Card Industry Data Security Standard) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council. The standard was created to help organizations that process card payments minimize credit card fraud. The standard applies to all organizations which process or exchange cardholder information.
PCI is an on going process. The PCI Security Standards Council continues to develop the PCI DSS as needed to ensure that the standard includes any new or modified requirements necessary to remove all security risks. Changes to the standard follow a defined 24-month lifecycle with five stages, described below.

Stage 1: Market Implementation
Stage 2: Feedback Begins
Stage 3: Feedback Review and Decision
Stage 4: New Version / Revision and Final Review
Stage 5: Discuss New Version / Revision

Each of the stages varies in length with a total of 24 Months. The next update takes effect on 9/30/2010. Retailers need to be proactive when it comes to PCI and credit card security risks. You can find the most up-to-date PCI information at