Payments News

Many Merchants Still Lag in Meeting a Critical PCI Data-Protection Requirement

Jul 03, 2018

Now that the PCI Security Standards Council’s July 1 deadline has passed for implementing newer versions of Transport Layer Security technology to protect payment data, some experts believe nearly a third of small brick-and-mortar and e-commerce merchants don’t meet the new requirements. As a result, expect merchant acquirers, processors, and networks to step up efforts to bring those merchants into compliance in the coming months.

“The focus from the card brands and the PCI [Council] is expanding to the smaller merchant and franchises” regarding PCI compliance, Michael Aminzade, vice president of global compliance and risk services for Trustwave Holdings Inc., a Chicago-based provider of data-security services and technology, tells Digital Transactions News by email. Aminzade estimates that about 30% of Internet retailers and low-volume, so-called Level 4, physical merchants aren’t using approved TLS technology yet, despite years of advance notice.

Read the full article.