Join the Community

22,241
Expert opinions
44,209
Total members
414
New members (last 30 days)
204
New opinions (last 30 days)
28,752
Total comments

PCI is not onerous - it's too weak

Despite all the bleating about PCI over the years, I found it to be too weak.

With all the focus on Cardholder Data - as being that on the Mag Stripe - namely Cardnumber, Cardholder Name, Expiry Date and Security Code - I found many Merchants & Service Providers treated it as a 'max' rather than 'min' level of security.

I performed due diligences on places where lots of other personal data such as Mothers Maiden Name, Cardholder Address, Phone Number, e-mail address, Date of Birth, Passport Number, Gender, Religion, etc etc was never encrypted, simply because PCI itself didn't tell them to do so.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

22,241
Expert opinions
44,209
Total members
414
New members (last 30 days)
204
New opinions (last 30 days)
28,752
Total comments

Now Hiring