Payment Card Industry Group Retools Data Security Rules

Law360, New York (November 8, 2013, 9:29 PM EST) -- The payment card industry’s self-regulatory body on Thursday revamped the data security standard that merchants, banks and others that deal with cardholders' data must follow, adding new system testing requirements and clarifying that liability can't be outsourced.

The most recent incarnation of the Payment Card Industry Data Security Standard, dubbed Version 3.0, is intended to help organizations make payment security “part of their business-as-usual activities” by introducing more flexibility, according to the PCI Security Standards Council, which is responsible for developing and maintaining the standard. The...
To view the full article, register now.
Law360 Pro Say Podcast
Check out Law360's new podcast, Pro Say, which offers a weekly recap of both the biggest stories and hidden gems from the world of law.