The PCI Security Standards Council (PCI SSC), an open global forum for the development of payment card security standards, testified before the U.S. Senate Subcommittee on National Security and International Trade and Finance. The Council was asked to participate in the hearing on “Safeguarding Consumers’ Financial Data” because of its role in designing and maintaining standards and resources for card data protection.
PCI SSC Chief Technology Officer, Troy Leach, represented the Council and covered several topics, including:
· Data security best practices include a multi-layered approach involving people, processes, and technology;
· Moving towards EMV Chip technology is an important piece of improving data security, but it is not a complete solution in and of itself. Used together, EMV Chip and PCI Standards, along with many other tools will provide strong protections for payment card data;
· Data security is a complex, global challenge that cannot be solved by a single technology, standard, mandate, or regulation;
· The development of standards to protect payment card data is something the private sector is uniquely qualified to do.
“The protection of consumers’ payment card data is at the heart of our mission at the Council,” said Leach. “We welcomed this opportunity to talk about the work we are doing globally to create standards and resources that help businesses take a multi-layered approach to securing their customers’ card data.”