|
| |
|
|
|
|
|
|
|
PCI Co. to Increase Compliance Time for New Standards Releases |
|
|
|
 The PCI Data Security Council says it has made changes to its standards process that will give merchants, banks and payment processors more time to adjust to new security recommendations in the future.
The Council will release new standards for securing payment and card-related data and applications in October. But banks and merchants will have a 14-month grace period before they have to prove they're in compliance with the new standards; members will report on their compliance with the old standards through December 31, 2011.
"The main reason we're doing this is because we've had a ton of feedback," According to Council General Manager Bob Russo said in an interview with Bank Systems & Security magazine. "This is an attempt to give everyone more time to live with the standard, to understand it, and to give us feedback on it so we have more meaningful updates going forward."
The Council holds community meetings in September and October of each year, and new standards will emerge from these meetings that will take effect January 1st of next year.
Russo says he doesn't expect there will be too many surprises in the next round of standards, summaries of which will be published throughout the summer.
|
|
|
ETA Members Only |
| member information
membership status
member-only content | |
|
|
|
|
