Register for PaymentsJournal
Back to News
Is Protection of Cardholder Identity the Purview of PCI?
February 8, 2013
One speaker at the recent Northeast Acquirers’ Association annual conference seems to make a argument for additional coverage by the PCI guidelines that will help secure the card data ecosystem against intruders seeking personal information about cardholders above and beyond account numbers, PINs, expiration dates, and card verification values.
What’s more, protection of broader elements of PII is a business opportunity for ISOs and merchant acquirers. The speaker in question, Linda Grimm, Director of Consulting with Compliance Solutions and Resources, stated:
“Who has this data?” Grimm asked her audience rhetorically. “Everybody.”
Acquirers have lots of information on the merchants they service, she pointed out.
What’s more, 95% of breaches result in the theft of information not protected by PCI data security standards, she said.
Meanwhile, the U.S. transition to EMV smartcards is lulling some ISOs, agents and merchants into thinking the need for complying with PCI standards to protect data is simply going to evaporate because chip cards are more secure than magnetic stripe cards, Grimm asserted.
“No,” she said in reply to her own statement. “Don’t let anybody fool you” about less need for PCI after the industry institutes EMV.
to read more from ISO&Agent.
Contact a Mercator Advisory Group Analyst
Search News Items
Advertise With Us
Recommend RSS Feed
Join Buyers Guide
Host a Strategy Session
List a Calendar Event
Give Us Feedback
Contact Mercator Advisory Group
© & ™ 2002 - 2012 | Mercator Advisory Group. All Rights Reserved
Terms and Conditions
Make Us Your Homepage