Credit card payment processing companies need to meet all 12 PCI requirements for safeguarding customer payment card data, a process that usually involves dealing with a variety of suppliers who are involved at each stage. IBM said its programme will take companies through the entire PCI compliance process, from assessment to compliance to certification.
"Imagine how time consuming it is if, at every stage of the compliance process, you have to rebrief someone about your solution," said Andrew Lawton, EMEA regional manager for IBM ISS. "Now consider the time and money you save not having to assessment and penetration testing and all the other processes."
PCI is a global standard that applies to any company that processes, transmits or stores credit card information. The standard was created by credit card companies to help organisations prevent security breaches. Any company that processes credit card data today could be threatened by cybercrime attacks, resulting in customer identity theft. Those companies that do not achieve PCI compliance could have their ability to process credit cards revoked, or could face increased processing costs.
"There's not much time left to apply for PCI compliance, so people should make the most of it," said Lawton.