Industry News

27/04/2010 - The Payments Processing Information Sharing Council is calling for an expansion of standardizing card system protocols, in hopes of lowering overall costs, payment processing magazine the Green Sheet reports.

In a policy released in March, the council requested that payment hardware and software vendors develop cost-effective security solutions that focus on open architectures and that could work among the masses. The PPISC feels that the current competing methods of authentication, encryption and tokenization are making the payment system incur higher costs. However, the council believes that adopting open architecture that could support newer technologies to protect infrastructure attacks would reduce costs.

"The primary goal of this policy statement is enhancing the security of the entire payments processing infrastructure," PPISC vice-chairman Rick Van Luvender, the director of enterprise security and risk compliance at First Data Corporation, noted in an email, relayed by the Green Sheet. "Cost reductions are an additional benefit that will lead to widespread adoption of enhanced security solutions."

While the PPISC does not want a single standardized system of operation, it feels standardizing certain methodologies, like tokenization, would mean less communication between different systems and thus, lower costs for certifying products among them.

In a recent article, Network World described tokenization as one of the most reasonable safety solutions for the PCI Security Standards Council to incorporate into the PCI DSS.