Rebecca Sausner has an article in Bank Technology News, in which Avivah Litan of Gartner is quoted as saying, “Visa’s next.” But the more interesting question, of course, is what’s next?
…. Visa is sticking to its guns with the PCI standards. “…While no guarantee, maintaining compliance with the PCI DSS remains the best protection against a data compromise. Forensic reviews of past data breaches have indicated that no compromised entity has actually been in full compliance with PCI DSS when its breach [occurred],” the company said in a written statement.
Bob Russo, general manager of the PCI Security Standards Council, says the organization is studying new tools like end-to-end encryption, tokens and EMV, and how use of these might pre-empt the requirements of PCI compliance. But Russo doesn’t see the Heartland breach as a watershed moment in payments security.
Read more.