News & Resources

Retailers take note of new payment processing security requirements

Nov 14, 2013 Dave King

The increasing rate of financial-related data breaches, as well as the rapidly expanding electronic payments market, have led to a greater need for updated security requirements from regulatory entities and law enforcement officials. Because hackers continue to evolve and successfully steal financial data during transactions, businesses should work to be a step beyond regulatory compliance to sufficiently protect information.

PC World recently reported that the Payment Card Industry Security Standards Council has released a new set of security requirements for firms in the payment processing sector. The updated version of PCI Data Security Standard, now in version 3.0, is accompanied by the Payment Application Data Security Standard to help merchants and other entities that handle financial information better protect their systems.

According to the news provider, PCI DSS 3.0 includes guidance related to firewall monitoring, security control provisioning and performance, personnel matters and other measures that must be included to protect financial data in payment processing. Proponents of this new set of standards believe it will be an effective means toward consistent performances in a variety of industries.

The source added that covered entities will have until the last day of 2014 to comply with most aspects of PCI DSS 3.0, while others will have more tentative deadlines reaching into the summer of 2015.

Businesses should always try to meet these requirements as soon as possible, as protecting financial data is critical to ensuring corporate continuity, brand stature and financial stability. One data breach that leads to lost financial information can cause significant issues for any company, including fines, damaged trust among consumers and poor financial performances.

Obliging the requirements of PCI DSS 3.0 and going a step further will minimize the risks of financial data breach for payment processing firms and other entities.