Alliance to aid card security compliance

IT security suppliers have formed an alliance to advise businesses on how to meet security standards required by credit card companies for processing online transactions.

The Payment Card Industry Security Vendor Alliance, launched today (30 January), aims to provide IT departments with advice on how they can meet the Payment Card Industry Data Security Standard - a benchmark to improve the security of card transaction processes.

"One of the things we are trying to do is make sure people understand what it takes to achieve compliance," said Dave Taylor, vice-president for data security strategies at information security management firm Protegrity, a founder member of the alliance.

"It's not simply about buying a product. A lot of it is to do with physical access controls, how a building is set up, and separating people who need to know confidential information from those who don't."

The alliance believes that the PCI standard has wider applicability across businesses as a benchmark for security, irrespective of whether they need to support online credit card transactions.

The alliance initially comprises ConfigureSoft, Cyber-Ark, Proginet, Protegrity and Safe-Net, and other security services suppliers are expected to join.

www.pcisecuritystandards.org/tech

www.mastercard.com/us/sdp