2. What is Payment Card Industry (PCI) compliance? Albert Gonzales, 28, master-minded the largest credit card breach in U.S. history by hacking Heartland Payment Systems. Gonzalez is currently spending 20 years in Federal prison for his part in a string of data breaches that resulted in the compromise of over 170 million credit and debit cards in 2008. Payment Card Industry (PCI) compliance is a complex and ever evolving subject affecting millions of businesses – acquiring banks, Independent Sales Organizations (ISOs), processors, hosts, shopping carts, e-commerce and retail merchants and other merchant services providers.
3.
4.
5.
6. Compliance is a Continuing Process Industry experts agree – There is nothing wrong with PCI as a standard, but it also has a fundamental flaw -- It is a "point-in-time" certification of a company's readiness to handle security threats. There is no continuous process for monitoring compliance built into the PCI standard. As a result, there is no way of knowing if a company that was certified as being compliant one day is still maintaining that compliance the next day.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16. For more information: www.redknotresources.com Carol T. Adams, CTP Managing Principal [email_address]