Tuesday, March 30, 2010

Aberdeen Group Recommends End To End Encryption to All Merchants


In November 2009, Aberdeen Group published their research paper titled, “The 2009 PCI DSS and Protecting Cardholder Data Report.”

Some of the key findings include:

• While there have been years with a minimal number of cards breached, the number of incidents continues to rise virtually every year, and the trend in the number of cards compromised also continues to increase.


• In a survey of 1/3 large retailers (revenue >$1B), 1/3 mid-size retailers (revenue between $50M and $1B) and 1/3 small retailers (revenue less than $50M), the best-in-class retailers spent $135,000 in annual PCI compliance costs while all others spent $300,000. The reason the best-in-class retailers had lower annual PCI compliance costs was their adoption of technologies.


• “Similarly, with protecting cardholder data, the most effective way to protect it is not to block the attacker, but to take away the attacker’s target. While all companies should do a better job of leveraging … (technologies)… to protect cardholder data in the here and now, they should also pay close attention to collaborations between payment processors and technology solution providers to promote alternatives such as end-to-end encryption and tokenization for the elimination of stored cardholder data altogether.”

• A full copy of this study may be found here.

2 comments:

Athrunxala said...

What about using a POS software system? They're secure and easy to use, I've been using one at work now and I've never had any issues with it.

Unknown said...

You are a retail business. You have spent a small fortune in time and money to upgrade your systems and have now achieved that holy grail – PCI DSS compliance.
