PCI DSS! Is The Payment Industry Serious About Getting and Keeping Itself Secure?

September 09, 2007

The PCI DSS program has been in place, in its original incarnation as AIS/CISP, since 2001! Why is it then that so few organizations worldwide are compliant? Why is it then that so many service providers are still doing business "flying under the radar screen"? Could it be that the Card Association isn't serious about security? Or could it be because politics, and people in decision-making positions of power, lack the real hands-on knowledge and expertise regarding online payment systems and applications needed to make this well-intended and very necessary, supposedly mandatory, security program move forward quickly and effectively? It has been 6 years since the program began its pilot as AIS/CISP!

Gartner analysis suggests that the PCI audit program has been “shallow, random, & incomplete”.

Gartner believes the program needs to be updated with more practical implications.

Some requirements, such as card-level encryption, are impractical to implement and require the support of POS manufacturers.

Visa & MasterCard may not be able to effectively support the program; they are apparently unable to answer program questions, especially in the area of mitigating controls.