Most commercial and other enterprises continue to struggle with the standards of the payment card industry, exposing a result of confidential customer information at increased risk of leakage.
Verizon report on the compliance of the payment card industry standards, Payment Card Industry (PCI) Compliance Report found that only one in five (21%) of organizations has shown compliance with Payment Card Industry Data Security Standard (PCI DSS) during checkout. Although the situation in the area of compliance is not deteriorated and not improved compared to last year, it is still “grim”, according to Verizon.
The norms require organizations to protect information card holders, security policies, monitor and control access to and regular testing of systems and processes – all these factors are directly related to data protection, the owners of payment cards.
Inconsistency rules mean fines and increased transaction fees from credit card brands, but negligence, excessive self-confidence and other factors mean that many organizations are taking credit card payments, continue to struggle to get a satisfactory rating.
Verizon analysis was conducted based on the results of conformity assessment standard, PCI Data Security Standard more than one hundred organizations, and also used other information gathered during the annual survey of violations of Verizon in the payment card industry. The evaluation included data organizations in the U.S., Europe and Asia.
Verizon security researchers argue that there is a direct relationship between data breaches and the inconsistency of standards. Organization, which managed to break through, most likely not meet the standard PCI and there is great risk that they suffer from identity theft and fraud, the firm concluded.
“We hope to see more organizations that meet the PCI standard, because we believe that compliance will eventually improve the security situation in the organizations and reduce the number of holes,” – said Wade Baker, a spokesman for Verizon.”After reviewing this report, the organization can see, on what needs to concentrate its efforts and use our recommendations to accelerate compliance PCI. Our ultimate goal is to secure payment environment for customers and businesses,” – he added.