- Analytics
- Big Data
- Case Studies
- Datacentre
- Cloud
- eGov
- IoT
- IT Infra
- Leadership
- Mobile/Social
- Mobility
- Security
- Storage
- Miscellaneous
- Insights
- Digital Transformation
- Blockchain
- Workplace
- Collaboration
- Developer
- Digital India
- Infrastructure
- Networking
- Software Defined
- Telecom
- Semiconductor
- Networking
- AI / ML / BOTS
- BPO/BPM/IT Services
- Blockchain
- Security
- Insights
- Leadership
- Miscellaneous
- Enterprise Applications
- FinTech
- Innovation
- Developer
- AI/Bots/ML
Payment Security Compliance Drops for First Time in Six Years
This gap between the various business sectors that deal with electronic payments on a daily basis is significant
Photo Credit : ShutterStock,
After documenting improvements in Payment Card Industry Data Security Standard (PCI DSS) compliance over the past six years (2010 – 2016), Verizon’s 2018 Payment Security Report (PSR) now reveals a concerning downward trend with companies failing compliance assessments and perhaps, more importantly, not maintaining - full compliance.
The Payment Card Industry Data Security Standard (PCI DSS) helps businesses that offer card payment facilities protect their payment systems from breaches and theft of cardholder data. PCI DSS compliance has been shown (via the Verizon Data Breach Investigations Report series) to help protect payment systems from both data breaches and theft of cardholder data, so this trend is alarming.
Data gathered by Verizon’s PCI DSS qualified security assessors (QSAs) during 2017 demonstrates that PCI compliance is decreasing amongst global businesses, with only 52.4 percent of organizations maintaining full compliance in 2017, compared to 55.4 percent in 2016.
Regional differences are highlighted, demonstrating that companies in the Asia-Pacific region are more likely to achieve full compliance at 77.8 percent, compared to those based in Europe (46.4 percent) and the Americas (39.7 percent). These differences can be attributed to the timing of geographical compliance rollout strategies, cultural appreciation of awards/recognition, or the maturity of IT systems.
By business sector, IT services remain on top when it comes to compliance, with over three-quarters of organizations (77.8 percent) achieving full status. Retail (56.3 percent) and financial services (47.9 percent) were significantly ahead of hospitality organizations (38.5 percent), which demonstrated the lowest compliance sustainability.
With businesses often leveraging PCI DSS compliance efforts to meet the security requirements of data protection regulations, such as the European Data Protection Regulation (GDPR), this gap between the various business sectors that deal with electronic payments on a daily basis is significant.
