Ten years of PCI DSS and we are still losing cardholder data

Posted on: 2017-12-13
Degree: M.S
Type: Thesis
University: Utica College
Candidate: D'Agostino, Vincent J., Jr
Full Text: PDF
GTID: 2465390014967546
Subject: Information Technology
Abstract/Summary:
PCI DSS has been in existence for more than ten years, yet merchants are still being breached and cardholder data is still being lost. PCI DSS helps merchants protect cardholder data by implementing security best practices at every stage of the payment card process. PCI DSS fails consumers by not requiring merchants to use the latest technologies to secure transactions at every step of the process. PCI DSS also fails consumers by not providing a solid audit plan for the largest group of merchants. The card brands do not hold the small and medium merchants accountable to become PCI compliant. The larger merchants are required to have a PCI audit annually by an independent third party, whereas the small and medium merchants are allowed to do a self-assessment and report the results. Without proper accountability, many merchants use several different excuses for why they are not PCI compliant ten years after the release of the mandate.

Keywords: Cybersecurity, Stephen Maher, J.D., Card Brands, PCI DSS, Point-of-sale.
Keywords/Search Tags: PCI DSS, Ten years, Cardholder data, Merchants, PCI compliant