Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Security

Security

John Lewis Criticizes the PCI DSS

With so many changes, how may one comply?

By George Craciun, Security News Editor

11th of July 2008, 15:36 GMT

Adjust text size:


John Lewis speaks out against PCI standard
Enlarge picture
The PCI DSS (short for Payment Card Industry Data Security Standard) is a set of rules and guidelines meant to protect the customer and merchant against fraud. Since you will be providing the merchant with your credit card info, it is important that it stays safe from attackers and hackers. UK based department store John Lewis agrees that the PCI DSS is necessary and wants to comply, but has to speak out against how unnecessarily difficult the whole process can be.

By this time in 2009 John Lewis plans to be in full compliance with the PCI DSS standards. There are literally a dozen requirements that must be met, and they are in regard to issues such as data encryption, data storage and data management.

Frank Cordrey, Head of Development Support with John Lewis comments for Computing: "The goalposts of the PCI standard have been moved several times. It was fairly consistent and the objectives were clear at first, but there are a number of areas that have changed considerably in the past couple of years. There are times when you need rules to be static for a while so you can catch up and take things forward. What I would like to see is someone accepting the fact that this is a big task and that if you want people to stick to rules, specifications must be retained."

The total number of companies that are part of the PCI Security Standards Council amounts to 460, and John Lewis is one of these companies. If they are upset now, wait until October when a new version of the PCI standard comes out.

Since numerous UK based businesses are not compliant with the standard, the banks are sure to react in a tough manner. It is also believed that in making sure companies comply with the PCI standard, significant amounts of money will be spent.

Etienne Greeff director of MIS comments: "Because PCI DSS has been delayed so much and UK firms are so far behind, there is a massive backlog of firms that need help to achieve compliance. PCI compliance is one of our top two business topics for 2008. It is true there are no financial penalties, but it is incorrect to say there is no impetus for merchants to comply. Banks are now going to merchants and imposing penalties if there is a breach. They are doing it with tier-one retailers first and once they have reduced the risk there they will go to the next level down."

TAGS:

 PCI DSS | security | UK companies
Read by 945 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
NOT RATED 0 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Windows Vista Is Superior to Leopard, XP, Linux, and All of Open Source

Thales France Takes Over UK Encryption Company nCipher

Privacy, Oh Privacy - Google Defends Its Policies Once Again

Malware Ruins Teacher's Life

White House to Tighten E-Mail Security

Vista Security Policy Gets Its Own Website

Multimedia Infecting Trojan Detected in the Wild

Kaminsky Faces Security and Hacking Community Scorn

User opinions:


Comment #1 by: Angelica Mari on 25 Mar 2009, 11:55 GMT reply to this comment

Not nice to be lifting quotes from other articles...tut tut.

http://www.computing.co.uk/computing/news/2221187/payment-rules-criticised-4112465

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive