In the ongoing cat-and-mouse game over the protection of credit card data, the Payment Card Industry's (PCI) stated goal for its 700-plus participants -- card companies, banks, payment processors, hardware and software developers, merchants and assessors -- is to avoid being the mice.
Or, at the least, for them and millions of individual card holders to be very well-protected mice.
But a portion of the security community believes that its real goal is not equal protection for all stakeholders, but much more of it for its founders - five major credit card companies -- at the expense of the rest. The impending new PCI Data Security Standard (PCI DSS) and Payment Application-Data Security Standard (PA-DSS), Version 3.0 will do little or nothing to change that, they say.
To continue reading this article register now