Source: PCI Security Standards Council
The PCI Security Standards Council, an independent industry standards body providing management of the global Payment Card Industry Data Security Standard (PCI DSS), today announced that more than 275 organizations involved in the payment transaction chain have joined the Council as Participating Organizations.
The PCI Security Standards Council was formed to work to secure payment account data in a globally consistent manner throughout the transaction process. Participating Organizations, which include merchants, payment device and service vendors, processors and financial institutions, play an integral role in the ongoing development of the PCI standards.
"We look forward to the ongoing feedback and guidance these payment related organizations can provide the Council on various security initiatives," said Bob Russo, general manager, PCI Security Standards Council. "The rapid growth of our Participating Organization roster demonstrates the importance of our mission to ensure that stakeholders have the opportunity to present their views and that appropriate security standards are in place to protect the interests of both consumers and those involved in the payment chain."
Participating Organizations have already been solicited and provided feedback for specific revisions to the DSS version 1.1 and the soon-to-be released Self-Assessment Questionnaire version 1.1. Feedback was received from Participating Organizations, Qualified Security Assessors (QSAs), and Approved Scanning Vendors (ASVs) from more than a dozen countries in Europe, Latin America, North America and Asia Pacific, on topics ranging from defining application firewalls and WEP to scoping penetration testing and clarifying connected entities. Feedback submissions were received from every aspect of those involved in the payment chain, including: merchants (restaurants, retail, hotels), processors, associations, software vendors, financial institutions, gateways, POS vendors and acquirers.
"The PCI Security Standards Council is engaging our Participating Organizations with a regional and global view in this diverse business, to make PCI standards more about the marketplace," said Russo.