New PCI DSS details released

Powered by SC Magazine
 

Version 1.2 will contain no major new requirements.

Online traders could breathe a sigh of relief when the next Payment Card Industry Data Security Standard is released in October.

The industry-wide standard for all firms which store credit card data has had a mixed response since its launch in 2006.

But the new version will implement much of the feedback gleaned in the past two years, and aims to introduce more clarity, according to Bob Russo, general manager of the PCI Security Standards Council.

"Rather than releasing a totally new and updated standard this is a revision of 1.1, so there are no major changes to the way people have to comply with it, " he said.

"In the future, as we move to standard 2.0, there will more than likely be pretty major changes but [in this version] we've come up with a lot more clarity and consolidated a number of sub-requirements."

The only noticeable revisions to the standard are an explicit requirement to strongly encrypt all wireless transmissions of cardholder data across public networks according to industry best practice standards.

There is also a further prescription that any antivirus software applies to all operating system types and addresses all types of malware.

Russo added that there will be "no bumps in the road" between the two versions, so firms currently implementing 1.1 do not need to worry about changing their plans to accommodate the new standard.

Current proposals for DSS 1.2 are still being considered and a final version will be released in early October.

Copyright ©v3.co.uk


 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 836

Vote