PCI Watch

Tracking changes across the Payment Card Industry
ℹ️
Reference Content: This is archived content from PCI Security Standards Council bulletins, preserved for tracking changes over time.
View Original →

PCI SSC Statement on “BuySecure” Initiative

PDF







PCI SSC Statement on “BuySecure” Initiative

24 October 2014

The PCI Security Standards Council applauds the Obama administration’s focus on protecting consumer’s payment data
and stands ready to join the “BuySecure” initiative put forth by the President.

An Obama Administration plan to spur adoption of EMV chip technology within the federal government payment systems
is a positive move. EMV chip is a strong layer of security and offers protections in a face-to-face transaction environment.
Today’s multi-channel, global organizations must use additional layers of security that complement EMV chip such as PCI
Standards. Implementing EMV is a positive step forward in focusing on security systems that involve people, processes
and technology to stop fraudulent activity.

Key current EMV chip technology initiatives for PCI SSC include:
- Partnering with the EMV Migration Forum to demonstrate the value of moving to EMV chip cards in the US
market, and the importance of a multi layered approach to security that includes PCI Standards
- Collaborating with EMVCo, the organization responsible for chip card technology standards, to ensure security
standards are complementary

The focus on payment security by the White House shines a welcome spotlight on the work the private sector has been
leading through PCI SSC. While there is no doubt advanced persistent threats and sophisticated malware are concerning,
the Council continues to advocate for a multi-layered approach to payment security, that starts with implementing PCI
Standards. Vigilance remains critical. Only a combination of people process and technology, and a focus on making
security “business as usual” practice will help thwart these threats.

About the PCI SSC:
Established in 2006, the PCI Security Standards Council offers a range of standards, listings of technology solutions and
training and education that help improve payment data security. The Council convenes participants in the global payment
chain with the goal of protecting consumers’ payment data through the adoption of international security standards. Since
then, the Council has grown to more than 700 Participating Organizations globally spanning retail, hospitality, financial
institutions, technology companies and payment processors. In addition, a community of more than 3,000 security
assessors and forensics investigators partner with the Council to provide support to the market in adopting PCI
Standards.