A recent report has highlighted a shocking decline in the number of businesses that are achieving and maintaining PCI DSS compliance.
The study, conducted by Verizon, suggests that nearly two-thirds of organisations around the world are putting customers at risk by failing to ensure full PCI DSS compliance when accepting card payments.
This is evidenced by the percentage of businesses achieving and maintaining compliance, which sits at just 36.7% worldwide, down from 52.5% in 2018, despite the PCI DSS (Payment Card Industry Data Security Standard) having been launched by Visa over fifteen years ago.
Interestingly, organisations in the Asia-Pacific region show a stronger ability to maintain full compliance at 69.6%, compared to 48% in Europe, Middle East and Africa, and just 20.4% in the Americas.
Rodolphe Simonetti, Global Managing Director, Security Consulting at Verizon, stated, "We see an increasing number of organisations unable to obtain and maintain the required compliance for PCI DSS, which has a direct impact on the security of their customers’ payment data. After witnessing a gradual increase in compliance from 2010 to 2016, we are now seeing a worrying downward trend and increasing geographical differences."
Highlighting the importance of compliance, Simonetti continued, "Our data shows that we have never investigated a payment card security data breach for a PCI DSS compliant organisation. Compliance works!"
Steven Jones, Commercial Director at Gala Technology, the development team behind the multi-award-winning 'Cardholder Not Present' payment solution SOTpay, concurred, "The report concludes that a compliance program without the proper controls to protect data has a more than 95% probability of not being sustainable and is more likely to be a potential target of a cyber attack. Our SOTpay solution simplifies the scope of PCI DSS, which makes achieving and maintaining PCI DSS compliance much, much easier for merchants and therefore plays a significant part in the reduction of the time, effort and cost of achieving and maintaining PCI DSS compliance, which is why we were awarded the 2019 PCI: Award For Excellence."