Retail Technology
| Log in | Subscribe
Subscribe | Log in
Retail Technology
Subscribe

Regional experts gather in Dublin to discuss and shape future of payment security in region

Regional experts gather in Dublin to discuss and shape future of payment security in region

 

Industry stakeholders met recently to discuss security best practices, training updates and Special Interest Groups (SIGs) direction at a Payment Card Industry (PCI) Security Standards Council (SSC) event in Dublin.

 

The PCI SSC, which manages PCI Data Security Standard (DSS), PIN Transaction Security (PTS) requirements and the Payment Application Data Security Standard (PA-DSS), held its annual PCI European Community Meeting in Ireland last week.

 

It brought together financial institutions, retailers, associations, payment stakeholders and security experts to drive awareness among Irish and European businesses of the importance of payment security and help guide the implementation and evolution of the PCI standards.

 

Security awareness increasing

 

“This is an exciting time to be in Europe, and specifically here in Ireland, as we are seeing a greater awareness of data security issues and collaboration across industries to leverage new technologies like cloud computing in a secure manner”, said Jeremy King, PCI SSC European Director.

 

“We rely on the cross-industry expertise of our members, as well as the unique regional perspective of our European community to help us continue to develop strong global standards for payment security.”

 

Participants at the PCI Community Meeting gained insights into the payment and technology landscape from Council experts, as well as regional perspectives from Fachtna Murphy, chairman of the Irish Payment Services Organisation and former commissioner An Garda Si?ocha?na, Ireland’s police force.

 

Attendees also had the opportunity to hear the latest updates on the standards and provide feedback, and discuss PCI guidance documents and programme updates on focus areas including mobile payment acceptance security, PCI DSS and EMV, and point-to-point encryption (P2PE).

 

Appetite for greater guidance

 

With strong involvement from a number of European organisations, the Council’s PCI Special Interest Groups (SIGs) were an area of focus at this year’s meeting. The Council forms these groups each year on subjects nominated by participating organisations (PO) and produces guidance to assist with payment card security. Past SIGs focused on P2PE, virtualisation, and mobile application development.

 

The 2013 SIG proposals were presented to attendees in Dublin on areas including: PCI DSS guidance for issuers; cardholder data discovery; external penetration testing; internal scanning and vulnerability management; third party security assurance; best practices for maintaining PCI compliance; and guidance on logging.

 

The SIG election to determine the focus areas for 2013 SIGs is taking place from 29 October to 9 November via its PO portal. Results will be shared at the end of November, with SIGs to formally commence in January 2013.

 

Meeting delegates were also keen to hear additional information on the Council’s Payment Card Industry Professional (PCIP) and Qualified Integrators and Resellers (QIR) programmes that were newly introduced this year.

 

“We’ve already had more than 700 individuals sign up for PCIP and QIR since August,” added King. “This demand illustrates the tremendous value organisations place on education as part of the security process.”

 

A complete list of certifications and training programmes can be found on the PCI standards training page.