Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity

    PCI Compliance Among Retailers Growing

    By
    Evan Schuman
    -
    January 23, 2008
    Share
    Facebook
    Twitter
    Linkedin

      PCI compliance for the nation’s largest retailers hit 77 percent for the end of last year, according to Visa.

      In addition, the credit card company said Jan. 22 that compliance among midsize merchants, or Level 2s, also sharply increased, growing to 62 percent.

      When Visa last reported PCI compliance figures for the largest retailers, or Level 1s, in late October 2007, that figure was 65 percent. The number has been steadily increasing. In December 2006, for example, Level 1 PCI compliance was at 36 percent.

      The new figures also show a sharp improvement for midsize retailers, which jumped from October’s 43 percent. Level 2 retailers process between 1 million and 6 million Visa transactions a year.

      Visa also reported that the percentage of retailers in both groups that had promised that they were not retaining prohibited data hit 99 percent.

      The figures were first revealed in a speech that Jennifer Fischer, a Visa PCI executive, gave to a Los Angeles PCI seminar audience the week of Jan. 14. However, the slides that Fischer used suggest that Visa helped those numbers look stronger by removing from the list some 38 Level 1 retailers that weren’t going to make their PCI deadlines and extending their deadlines to Sept. 30, 2008.

      There are only 364 Level 1 retailers, which are merchants that process more than 6 million Visa transactions a year. Visa did the same thing for the 1,011 Level 2 retailers, only there it excluded 302 merchants, that were given until Dec. 31, 2008. Were it not for those exclusions, the compliance figures would have both been much lower and would have given a more accurate sense for how many of the nation’s largest retailers are truly complying with data security requirements.

      For the nation’s 2,596 Level 3 merchants — those whose annual e-commerce transactions number from 20,000 to 1 million — the compliance level was only 54 percent.

      The group that represents the largest percentage of all Visa transactions are Level 1s, which are responsible for half of all Visa transactions. But the second-largest group is the nation’s 6 million Level 4s, which process fewer than 1 million transactions a year and are responsible for almost a third (32 percent) of all Visa transactions, the Visa documents said.

      Data Breaches

      Unlike the other groups, the PCI compliance for Level 4s was not specified, but merely described in the Visa documents as “low.”

      Fischer’s slides also painted an insecure image of credit card data. The number of data “compromise events” in the United States “more than doubled” from 2006 to 2007. A different slide gave some meat to that claim, showing about 25 reported data breaches in 2003, increasing to about 125 in 2004 and about 250 in 2005.

      That number of reported data breaches dropped in 2006 to about 220, but then sharply rose last year. The slide reported some 348 incidents for 2007, but then noted that it only included incidents reported through August 2007, suggesting that the 2007 total could be higher.

      As with all crime reporting, it’s not clear whether the numbers reveal an increase in actual data breaches or merely an increase in the percentage of such incidents that are being reported, or a combination of the two.

      An ongoing security debate has been whether online or physical stores are a higher security risk. For the last few years, the conventional wisdom has been that brick-and-mortars are still responsible for the vast majority of breaches, but online is where fraudulent and stolen cards are most likely to be used.

      The new Visa figures challenge those assumptions, with reports showing an even split between physical and Web stores in 2007, according to Fischer’s slides.

      Retail Center Editor Evan Schuman can be reached at eschuma@earthlink.net.

      Check out eWEEK.com’s Retail Center for the latest news, views and analysis on technology’s impact on retail.

      Evan Schuman
      Evan Schuman is the editor of CIOInsight.com's Retail industry center. He has covered retail technology issues since 1988 for Ziff-Davis, CMP Media, IDG, Penton, Lebhar-Friedman, VNU, BusinessWeek, Business 2.0 and United Press International, among others. He can be reached by e-mail at Evan.Schuman@ziffdavisenterprise.com.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×