Verizon: Global Merchants Woefully Short on Card Data Security Compliance

A new report highlights the challenge facing CIOs and security chiefs to maintain compliance amid constantly changing IT environments, new regulations and growing cyber threats.

NEW YORK CITY – Four out of five global retailers and other merchants failed interim tests to determine whether they are in compliance with payment card data security standards, putting them at increased risk of cyberattacks, according to a new report by Verizon Communications.

Businesses must be vigilant in maintaining security to remain compliant with the Payment Card Industry Data Security Standard (PCI DSS), required by payment card issuers. Most of the companies have a tendency to run upgrades of security software and hardware only when they approach an annual compliance check, according to Verizon.

RELATED: Samsung Smart TVs Susceptible to Hackers

The report, which gathered data in 30 countries by assessing more than 5,000 merchants including retailers, financial institutions and hospitality firms among others, found only 20 percent of those tested to be fully compliant less than a year after installing security safeguards.

From 2013-2014, overall compliance went up by 18 percentage points for 11 out of the 12 payment data security standards. The report acknowledged the standards are only a baseline, an industry-wide minimal acceptable standard. The volume and scale of breaches in the past 12 months have shown that this is not stopping attackers, Verizon said.

However, out of all the data breaches in the past 10 years that Verizon studied, not a single company was found to be compliant at the time of the breach.

RELATED: Small to Midsize Firms Vulnerable to Cyber Espionage

Credit and debit cards account for two-thirds of purchases by value in the United States. A further $2.17 trillion is spent via electronic methods, such as PayPal and mobile payments – many of which are ultimately backed by card transactions, the report said.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Tagged with: Industry News Research

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Get Our Newsletters