Posted by: Kevin Burns  |   Comments  No Response

PCI DSS has joined the list of certainties in life for the retail IT community and there’s no doubt that it’s one of the least attractive projects at the moment.

Despite this, we recently held our 8th PCI roundtable. We run these for customers every three to six months, focussing on what’s going on in the payments and PCI world. I think their success has been due, not least, to the “rules” we put in place the first time we sat down together:

Notes are taken at each meeting and circulated to the BTE PCI LinkedIn forum but they remain anonymous. As part of my wider role I also try to provide some food for thought at each roundtable, whether that’s updates to standards or where payments and PCI have hit the news.

The good news for me is that our retailers keep coming back; the benefit  for them is that they get to talk to each other about what they’re doing and how they’re tackling the PCI DSS.

This time we were kindly hosted by one of our customers and it was another great event. It must be said that their hosting was first class and for that I sincerely thank them, indeed it took a great deal of pressure off my shoulders as “facilitator”.

The hottest topic remains point-to-point encryption (P2PE) and scope and to be honest I think it will still be hot until at least the middle of 2013, simply because it has taken so long to get off the ground that we will not be clear on how P2PE fits with the overall PCI DSS with any certainty until retailers (and Payment Service/Solution Providers and Service Providers) go through the process. “It’s like going back to PDQs (Process Data Quickly),” one retailer remarked, referring to the terminals provided by acquiring banks; “Yes, but a bit cheaper,” was the response.

Other topics included contactless, NFC and mobile payments; Visa merchant agent and the QIR program; the possible merge of PCI into the Data Protection Act in Europe and the PCI compliance timelines which loom in 2012/13.

Overall the event must have been a success, or we wouldn’t have agreed to a 9th roundtable in September! Contact me for more information or visit the BTE PCI LinkedIn forum for details.

Kevin Burns is a PCI & Payments Consultant for BT Expedite. For more info on PCI or to download Kevin’s white paper visit our website. You can also contact Kevin online or reach him via 0870 8506880.

Post a Comment

Change cookie settings

Help

The cookie settings on this website are set to 'allow all cookies' to give you the very best experience. If you continue without changing these settings, you consent to this - but if you want, you can change your settings at any time at the bottom of this page.

Change settings I agree

Find out more about Cookies