Product Type: Market Research Report
Published by: TowerGroup
Published: April 2008
Product Code: R301-1459Description This Research Note reviews merchants' progress toward meeting the standards of the Payment Card Industry (PCI) Security Standards Council (SSC). It explains how the PCI SSC has reacted to slow adoption by smaller merchants and discusses a new assessment standard available for third-party software, called the PCI Payment Application Best Practices (PCI PABP), and standards for security of personal identification number (PIN) entry. Although the PCI does not cover all components of cards, the themes resonate throughout the value chain. Industry segments that handle cardmember data must protect account numbers with access controls, data protections, and assessments of vulnerability.
Table of Contents - Report Coverage
- Progress Toward Implementing the Payment Card Industry Data Security Standard
- Exhibit 1 US Compliance with Payment Card Industry Data Security Standard by Level and Charge Volume (2008)
- Next Steps Toward Data Security
- Exhibit 2 The Security Standards Council's Three-Step Approach to Ensure PCI Compliance (2008)
- Driving the Acceptance of DSS for Slow-Conforming Segments
- Exhibit 3
- Segments of the Global Base of Smaller Merchants by Payment Method (2008)
- PIN Entry Devices
- Exhibit 4 Global Electronic PIN Pad (EPP) and PIN Entry Device (PED) Standards (2008)
- Payment Application Best Practices
- Exhibit 5 Global PCI Payment Application Best Practices (PABP) (2008)
- Remaining Security Hot Spots
- Exhibit 6 Global Card Payments Ecosystem Security Hot Spots (2008)
- Carrying the PCI Theme to Undefined Vertical Segments
- Exhibit 7 Global Components of the Core Principles in the Payment Card Industry (2008)
- Summary
|
|
