New PCI Software Security Standards’ Impact on Payment Facilitators

February 28, 2019 • Published Categories Industry Topics Tags ,

Consumers demand easy and fast ways to pay, and everywhere you look there’s an abundance of innovation in the payments industry. But as new payment models arise, one thing stays the same—the need for uncompromising security.

New Requirements Focus on Keeping Next Generation Payments Secure

To keep pace with payments innovation, in mid-January, the PCI Security Standards Council (PCI SSC) announced new requirements for the secure design, development and integration of leading edge payment software. The intent of the new framework is to allow software vendors and in-house teams to better drive the development of secure software solutions for the next generation of payments.

Personally, I’m optimistic that these new standards can live up to their promise of providing a better framework for current and future payments. I recently shared my thoughts about the upcoming changes with PaymentFacilitator—in particular, how the new PCI Software Security Standards might impact payment facilitators (PFs) and prospective PFs.

Tips for Payment Facilitators

Payment facilitators should consider conducting a thorough review of this new framework to ensure any organizational impact is identified. Further, engaging an expert in payment facilitation who is well-versed in the new standards could be needed, so plan early for the changes that are coming.

The Council anticipates validation assessments to start next year and there will be a transition period to smooth the changeover. Plans are to fully retire the current Payment Application Data Security Standard (PA-DSS) in 2022.

PaymentFacilitator asks the question, “What Do the New PCI Payments Software Security Standards Mean for PFs?” Read the article to find out what payments journalist Kim Graber uncovered from her discussion with me as well as PCI SSC Chief Technology Officer Troy Leach.