80 likes | 199 Views
Identity Theft and Credit Card Security: The current problems in the industry and the impact of the PCI standard. Bryan Mathews. Issue. The security of credit card information today is becoming an important issue
E N D
Identity Theft and Credit Card Security: The current problems in the industry and the impact of the PCI standard Bryan Mathews
Issue • The security of credit card information today is becoming an important issue • There have been some very recent developments to increase that security in the Payment Card Industry Data Security Standard • There are differing opinions on the PCI-DSS but in general there is a push to become complaint across the industry
General News • Focuses on the general public and how they can protect themselves • Outlines security breaches and who is affected as well as how much damage it caused • Does not get into technical details • Informs consumers where some of the problems are coming from
Trade Publications • Focuses on the technical issues more than the general information • PCI standard is discussed • More opinionated than whitepapers • Discussion about the technical reasons for breaches and how they could be avoided • Also has consumer advice on a more technical level
Whitepapers • Almost all whitepapers focus on implementing the PCI DSS • Many vendors out there have differing ways to become complaint • Some are more general others talk about the fines for not implementing • All focus on the importance of the PCI DSS
Academic Coursework • General information about security • Nothing specific about credit card security or the PCI DSS • Most likely because it is a very current topic • General IS security trends are relevant such as encryption and other IS topics
Academic Research • Almost nothing about credit card security, more focus on general IS security • Similar to academic coursework likely because it is a newer topic
Specific Article • “PCI Is Security Simplicity, Not Complexity” • PCI is one of the best things to happen to the payment industry and consumer data protection • Its standards are quite fundamental and are the basics of IS security • Some complain that the PCI DSS standard is too complicated when in reality it is not • Others complain that it provides no cost savings which is disproved when there is a hack • PCI is very narrow and to the point, it outlines specific things a company must do to be complaint and is not broad like other recent standards. • Companies need to get on board and become compliant