Wal-Mart, Bank of America, Microsoft to be represented on PCI standards council

The board, which include merchants, financial institutions and credit card processors, will guide the global security forum's standard as it continues to gain widespread acceptance across the retail industry, Bob Russo, the PCI SSC’s general manager, told SCMagazine.com.

He said the board will ensure the standard evolves with the latest threats and technology and includes "the things people want to see."

The board members, nominated and elected by some of the 200 organisations that makes up the PCI SSC, are leaders in the ever-expanding data security compliance front, Russo said.

"I think these people have had, by and large, the biggest experience with PCI, both with trying to get themselves compliant and with [other companies] looking to them to give them some sort of direction," he said.

The board's first task will be preparing an agenda for the upcoming inaugural PCI SSC Community Meeting, scheduled for 17 September to 19 in Toronto, during which participating organisations, security assessors and scanning vendors meet to discuss the standard.

PCI is gaining momentum because data breaches are everyday news, said Russo.

"Had the breached firms been compliant, you wouldn’t have been reading about them," he said. "The industry is policing itself. We are doing it right. It makes sense that other people are going to want to buy into this."

Board members said in a statement that they were pleased to be associated with a group protecting the valuable information of customers.

Michael Cook, vice president and assistant treasurer of Wal-Mart Stores, said the PCI standard needs constant refinement.

"The industry’s efforts to maintain the safety of cardholders’ data will continue to be an ongoing challenge," he said.

Russo said the standard has been successful because it is "prescriptive." It clearly details steps that must be taken to achieve security, he said.

The other organisations making up the Board of Advisors are: APACS, the UK Payment Association; British Airways; Chase Paymentech; First Data; JPMorgan Chase; Moneris Solutions; PayPal; Royal Bank of Scotland; Tesco Stores; TSYS Acquiring Solutions; and VeriFone. Another seven members are expected to be named in the coming months.