A study conducted by Verizon earlier this year indicated that almost half of all global organisations are still not fully PCI compliant. The study found that while the number of PCI compliant businesses has increased since 2015 – from 48% to 55% – there are still an alarming number of businesses that may be putting consumers at risk.
The Payment Card Industry Data Security Standard, PCI-DSS, is a security standard for businesses. It mandates compliance for any merchants who store, process or transmit credit card data, including cardholder information. It is supported by all major card brands and exists to reduce credit card fraud by ensuring organizations use secure IT systems and follow good business practices while handling credit card data.
Adherence to PCI-DSS standards is mandatory for organizations wishing to process any of the major payment card brands, requiring an annual compliance assessment by either an external PCI Qualified Security Assessor (QSA) or by self-assessment, depending either on the volume of transactions handled or the requirements of the merchant’s bank.
Those businesses that have tightened their security in this area have done so just in time, in light of the recent volley of cyber attacks on Equifax’s systems. The Equifax attack resulted in the contact details of over 146 million individuals from the US, the UK and Canada. The credit reference agency is far from being alone in these attacks, however. A company that operates several retail chains in Ireland has been hit by a similar attack, in which hackers attempted to steal credit and debit card details of customers.
This makes PCI-DSS absolutely paramount for retailers to gain. Failure to become compliant can result in loss of confidence from consumers, the risk of a major data breach, and ultimately the suspension of the merchant’s license.
Achieving PCI can vary in difficulty, depending on the size and scope of each organisation, as well as the state of the branch devices utilized in each store. It is because of this that Zynstra recognized the importance of providing an easy solution for retailers.
The Zynstra platform for intelligent retail edge has been improved to include additional capabilities. These capabilities include Tier 1 PCI-DSS certification to reduce the cost and effort of achieving compliance across in-store IT systems, and has been subject to the most rigorous audit level across Zynstra’s software architecture, engineering practices, and operations center.
While many businesses view PCI compliance as a rather daunting task, it is important to consider that it is crucial in an age in which retailers are hit by cyber attacks on average twice a week. Find out more about the current state of branch IT security.