PCI-DSS Standards Version 2.0 Released Yesterday
FINANCIAL PRIVACY—U.S.October 29, 2010
The Payment Card Industry data-security standard (PCI DSS) 2.0 was released Thursday. Some of the notable revisions include more responsibility on merchants to find cardholder data in their computer systems ahead of their PCI audits and steps taken by the council to help small merchants meet PCI duties, Digital Transactions reports, but overall, the standard is largely unchanged from its previous version. The PCI Council's European regional director called the changes "steady as she goes." However, the new standard does include additional guidance on the scope of PCI compliance, best practice on risk ranking and guidance on potential "rogue access points" in computer systems that could allow for data hacking.