Payment Card Industry Group Retools Data Security Rules

Law360, New York (November 8, 2013, 9:29 PM EST) -- The payment card industry’s self-regulatory body on Thursday revamped the data security standard that merchants, banks and others that deal with cardholders' data must follow, adding new system testing requirements and clarifying that liability can't be outsourced.

The most recent incarnation of the Payment Card Industry Data Security Standard, dubbed Version 3.0, is intended to help organizations make payment security “part of their business-as-usual activities” by introducing more flexibility, according to the PCI Security Standards Council, which is responsible for developing and maintaining the standard. The...
To view the full article, register now.