Community

Join the Community

23,573
Expert opinions
41,335
Total members
389
New members (last 30 days)
198
New opinions (last 30 days)
29,157
Total comments
Join Sign in

PCI is not onerous - it's too weak

  0 Be the first to comment
Keith Appleyard
Keith Appleyard
IT Consultant
available for hire
Location
Bromley
Followers
2
Opinions
60
Unfollow

Despite all the bleating about PCI over the years, I found it to be too weak.

With all the focus on Cardholder Data - as being that on the Mag Stripe - namely Cardnumber, Cardholder Name, Expiry Date and Security Code - I found many Merchants & Service Providers treated it as a 'max' rather than 'min' level of security.

I performed due diligences on places where lots of other personal data such as Mothers Maiden Name, Cardholder Address, Phone Number, e-mail address, Date of Birth, Passport Number, Gender, Religion, etc etc was never encrypted, simply because PCI itself didn't tell them to do so.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

5869
 

Share

 
 
 
 
 

Channels

/payments
 

Whatever...

A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.

Join group

481 opinions 21 members

Comments: (0)

Keith Appleyard
Keith Appleyard
IT Consultant
available for hire
Member since
17 Aug 2007
Location
Bromley
Followers
2
Following
0
Opinions
60
Unfollow

Barclays On-line Banking deserves better error messages

RBS does have robust procedures

National Savings and Investments are rather too lethargic

RBS Internet Banking is not for the English

RBS don't seem to understand basic book-keeping rules

See all Opinions from Keith

More expert opinions

Ben O'Brien

Ben O'Brien Managing Director at Jaywing

What the PRA’s Discussion Paper could mean for mid-tier IRB permissions

Paul Holt

Paul Holt EMEA Group Vice President at Digicert

DORA Is Here – Why Global Financial Institutions Must Act Now

Joseph Ibitola

Joseph Ibitola Head of Demand Generation at Flagright

Establishing “Expected Behavior”: Using Median, Standard Deviation and Avg to Detect Suspicious Txns

Bo Harald

Bo Harald Chairman/Founding member, board member at Trust Infra for Real Time Economy Prgrm & MyData,

Two Paradigm Shifts: Trust Infrastructure and AI-Agentics

11

See all opinions

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

23,573
Expert opinions
41,335
Total members
389
New members (last 30 days)
198
New opinions (last 30 days)
29,157
Total comments
Join Sign in

Trending

Serhii Bondarenko

Serhii Bondarenko Artificial Intelegence at Tickeron

Microsoft Q4 2025 Earnings Conference Call: A Comprehensive Analysis

Prashant Bansal

Prashant Bansal Sr. Principal Consultant at Oracle

Navigating the AI Paradox in Banking: Strategies for Value Realization and Futureproofing

Carlo R.W. De Meijer

Carlo R.W. De Meijer Owner and Economist at MIFSA

BoE Digital Pound project reversal: innovative payment solutions at commercial banks

Steve Morgan

Steve Morgan Banking Industry Market Lead at Pegasystems

A New Era for Financial Services with Safe AI Experimentation and Deployment

Now Hiring

All companies

Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.

Please read our Privacy Policy.

Accept