Payment-card industry names security advisors

Wal-Mart, American Express among organizations represented on PCI board

The payment-card industry’s security-standards-setting group, the PCI Security Standards Council, Thursday announced its first board of advisors elected to help steer future card data-protection requirements.

The 14-member board includes Wal-Mart, as well as several banks including Bank of America and JP Morgan Chase. Bob Russo, general manager of the PCI SSC, says the elected board also will include seven members from the executive committee of the founders of the organization, Visa, MasterCard and American Express.

“This is our first advisory board, and the types of things we will be looking for are having them advise us on security issues in their markets and relaying modifications and refinements to the PCI standard,” Russo says.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The payment-card industry’s security-standards-setting group, the PCI Security Standards Council, Thursday announced its first board of advisors elected to help steer future card data-protection requirements.

The 14-member board includes Wal-Mart, as well as several banks including Bank of America and JP Morgan Chase. Bob Russo, general manager of the PCI SSC, says the elected board also will include seven members from the executive committee of the founders of the organization, Visa, MasterCard and American Express.

“This is our first advisory board, and the types of things we will be looking for are having them advise us on security issues in their markets and relaying modifications and refinements to the PCI standard,” Russo says.

The payment-card companies that founded PCI SSC have sought to require any business processing credit and debit cards to support the PCI security standard, but they have not been entirely successful.

The elected board includes members from APACS (the U.K. payments association), Bank of America, British Airways, Chase Paymentech; First Data, JP Morgan Chase, Microsoft, Moneris Solutions, PayPal, Royal Bank of Scotland, Tesco Stores, TSYS Acquiring Solutions, VeriFone and Wal-Mart.

The as yet-unsolved TJX data-breach case, viewed as the biggest card theft ever, with hackers stealing sensitive information related to more than 47 million payment cards, has given a sense of fresh urgency to ensuring networks processing payment cards are secure.

Russo says TJX is not a member of the PCI SSC, “but we hope in the future they’ll join.”

Read more about security in Network World's Security section.