Saturday, October 20, 2007


Will PCI suffer the same fate as SoX?

Many in the world of security were excited to see PCI emerge. I suspect that it too will lose its teeth...

I bet you didn't know that Visa has fined multiple banks to date for not being compliant with PCI, yet they have chosen to exercise their right to remain silent, which has the effect of saying that security is important but not that important.

The issue at hand is that Visa and similar consortiums are equally cognizant of their brand, and bringing lawsuits against their participants could jeopardize it.

I guess if consumers want security, they need to stop relying on others to do it for them and demand that all corporations implement secure coding practices. Imagine calling up CitiGroup while applying for a credit card and not only asking them whether they lack patriotism and outsource to foreign lands but also asking them to publicly state on their web sites what aspects of PCI they have chosen to ignore.

Now, what would happen if you also did the same for Sovereign, Bank of America and others? Until consumers take a stand, the problem that PCI attempts to solve for will continue...

