As part of our continued effort to drive security forwards at Report URI, we're joining the PCI SSC as a Participating Organisation. This will allow us to have more direct involvement in the development and improvement of the PCI DSS, a standard that protects hundreds of millions of users every single day on the Web.
The PCI SSC
The Payment Card Industry Security Standards Council is a global body comprised of the major stakeholders within the payment card space and they are responsible for creating what is probably one of the most well-known compliance requirements on the Web, the Payment Card Industry Data Security Standard, or PCI DSS.
The goal of the PCI DSS is to 'encourage and enhance payment card account data security' and provide a ' baseline of technical and operational requirements designed to protect account data'. The latest version of the PCI DSS, v4.0, was released 1 year ago and contained numerous updates to help organisations deal with new threats that exist on the modern Web since the last major release of the standard. I covered the specifics of those changes in a blog post last year:
If you accept payments online via your website, you must be PCI DSS compliant to some level, and no matter which compliance requirement you fall under, our PCI DSS Compliance solution can help.
I'm excited about the PCI SSC starting to provide robust guidance on how to deal with some of the most serious threats that organisations are facing online, and we're looking forward to contributing and helping to drive the standard forwards.
You can download the Press Release here: