We were headed toward a nearly cashless society anyway, but the COVID-19 pandemic and the rise of “contactless” transactions is likely the final push over the edge.
Every time you place a takeout order via a mobile app, you’re putting your cybersecurity into the hands of an intricate network of merchants, payment card issuing banks, payment processors, developers, and more. And even though you’ve likely had your credit card number stolen—23 million numbers were stolen in the first half of 2019 alone—the risk of fraud would be even greater if PCI DSS did not exist.
“PCI DSS” stands for Payment Card Industry Data Security Standards, the framework any entity involved in credit card processing must follow in order to protect cardholder security. The standards were introduced in 2004 after an explosion of credit card fraud during the rise of e-commerce.
In 1998 and 1999, MasterCard and Visa experienced more than $750 million in fraud related to online commerce. To fight back, Visa introduced its Cardholder Information Security Program (CISP) in October 1999, and MasterCard, American Express, Discover, and JCB quickly followed with their own unique security programs.
Standardizing credit card security
This was a problem for merchants. Following one set of security standards was enough of a heavy lift—but five? The credit card companies decided to work together, and PCI was the result.
When you place a takeout order via a mobile app, your credit card info and #cybersecurity relies on #PCI DSS to stay protected from cybercriminals.
PCI standards protect several types of cardholder data: account number, the cardholder’s name, the CVC, chip or magnetic strip data, and “sensitive authentication data”—the card number plus an authentication factor. To comply with PCI standards, an entity must implement specific security measures related to firewalls, login and password standards, encryption and more. In 2006, the PCI Security Standards Council was established to govern the standards.
So, the next time you order dinner on your phone, marvel at how quickly your payment is processed—and all of the entities working together to do their best to keep your data safe.
Photo: John99 / Shutterstock