Connect with us

News

PAYMENT SECURITY COMPLIANCE DECLINES – ONLY 1 IN 3 COMPANIES GLOBALLY MAKE THE GRADE

Verizon’s 2019 Payment Security Report highlights why compliance matters, and offers measures to combat the downward compliance trend

What you need to know:

  • Companies that maintain full compliance with the Payment Card Industry Data Security Standard (PCI DSS) decrease for the second year in a row to 36.7 percent worldwide.
  • Only 1-in-5 organizations in the Americas maintain full compliance; Companies in Asia-Pacific dominate.
  • Verizon’s 9-5-4 Framework addresses elements to help develop and improve capability and process maturity across an entire data protection compliance program (DPCP).

 

Payment security compliance has declined for the second year in a row, with organizations based in the Americas lagging behind worldwide counterparts, Verizon’s 2019 Payment Security Report (2019 PSR) flags.

 

When Visa Inc. initially launched the PCI DSS in 2004, many assumed that organizations would achieve effective and sustainable compliance within five years. Now, 15 years on, the number of businesses achieving and maintaining compliance has dropped from 52.5 percent (2018 PSR) to a low of just 36.7 percent worldwide. Geographically, organizations in the Asia-Pacific (APAC) region show a stronger ability to maintain full compliance at 69.6 percent, compared to 48 percent in Europe, Middle East and Africa (EMEA) and just 20.4 percent (1 in 5) in the Americas.

 

PCI DSS helps businesses that offer card payment facilities protect their payment systems from breaches and theft of cardholder data, as shown in the Verizon Data Breach Investigations Report series. Compliance is measured on an organization’s ability to meet — and importantly, maintain — the standard.

“After witnessing a gradual increase in compliance from 2010 to 2016, we are now seeing a worrying downward trend and increasing geographical differences,” said Rodolphe Simonetti, global managing director for security consulting at Verizon. “We see an increasing number of organizations unable to obtain and maintain the required compliance for PCI DSS, which has a direct impact on the security of their customers’ payment data. With the latest version of the PCI DSS standard 4.0 launching soon, businesses have an opportunity to turn this trend around by rethinking how they implement and structure their compliance programs.”

 

New Verizon framework helps businesses navigate payment security compliance

Data protection and compliance present daily challenges. Many organizations believe they can use a one-size-fits-all script to achieve effective and sustainable data protection. However, in the real world, security is more complicated.

 

Simonetti continues, “Many organizations spend a lot of time and money creating data protection compliance programs, but often these are ineffective — looking good on paper but not able to withstand the scrutiny of a professional security assessment. We still see Chief Information Security Officers focusing on how to maintain baseline control activities rather than looking at data protection competency and maturity. What is needed is a clear and easy-to-understand navigational guide to help them deliver measurable results and predictable outcomes.”

 

In previous Payment Security Reports, Verizon developed methodology to help organizations manage their Data Protection Compliance Programs (DPCPs). These have now been combined to form the Verizon 9-5-4 Compliance Program Performance Framework — a guideline which helps develop and improve capability and process maturity.

The 9-5-4 Framework is designed to help organizations achieve repeatable, consistent and predictable outcomes by offering guidance on how to map, monitor and report the status of sustainability and effectiveness for each of the 9 Factors of Control Effectiveness and Sustainability — including control environment, control design, control risk, control robustness, control resilience, control lifecycle management, performance management, maturity measurement and self-assessment. This is across each of the essential 4 lines of assurance — individual accountability, risk management and compliance teams, internal audit, external audit and regulators — and is achieved by evaluating the 5 Constraints of Organizational Proficiency  — capacity, capability, competence, commitment and communication.

 

Link reinforced between lack of compliance and breaches

The report also includes data from the Verizon Threat Research Advisory Center (VTRAC), which demonstrates that a compliance program without the proper controls to protect data has a more than 95 percent probability of not being sustainable and is more likely to be a potential target of a cyberattack.

“For years, we have discussed the close correlation between the lack of PCI DSS compliance and cyber breaches,” concludes Simonetti. “In this year’s report, we included even more data from the Verizon VTRAC team, the authors of Verizon’s Data Breach Investigation series, to add more depth to this discussion. Our data shows that we have never investigated a payment card security data breach for a PCI DSS compliant organization. Compliance works! ”

 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND

battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today that it successfully closed its seed financing round with backing from leading strategic and venture capital investors.

 

Atlanta, Georgia-based Fintech Ventures Fund has invested in the company, joining existing investors Greenlight Re and Tangiers Group. This investment will be used to expand software development, hire sales and business development personnel, and further the company’s global reach.

 

Sasha Gainullin

battleface is led by a team of travel insurance experts. CEO Sasha Gainullin previously developed global operations for AIG Travel Guard and has worked with battleface since its inception. Managing Director Paul Simmonds brings experience as a Lloyd’s of London underwriter with previous leadership roles at Berkley Syndicate, CNA Hardy, Brit, and Goshawk.

 

“We got our start because many travellers couldn’t find the right insurance products with coverage for their unique travel destinations and real needs,” said Gainullin. “With the latest investment from Fintech Ventures Fund, we’ll continue to expand our B2B partnerships custom-building travel insurance solutions for groups, including business and NGO travellers, associations and membership-based organisations.”

 

battleface combines innovative technology and underwriting to create, distribute and service specialty travel insurance products for people in both retail and wholesale. Products are supported by a network of 24/7 assistance coordinators, medical providers and on-the-ground field agents who provide emergency claims, medical and travel assistance services on a global basis.

 

Fintech Ventures Partner Lucas Timberlake said: “A core area of our fund’s investment thesis is that technology can be leveraged to more efficiently provide insurance products to markets that have been underserved by current offerings. We believe that battleface’s seasoned management team will create an industry leader in the travel insurance space. It is for these reasons that we are excited support the company’s future growth.”

 

Continue Reading

News

VANQUIS BANK PARTNERS WITH HOOYUTO DIGITALISE KYC PROCESSES

HooYu KYC digital journey deployed during the customer lifecycle on a risk-based approach

 

Leading customer onboarding and KYC technology firm, HooYu, has announced a partnership to digitalise Vanquis Bank’s KYC processes.  The HooYu KYC journey has been selected to provide additional identity proofing during the customer lifecycle when customers perform a potentially high-risk action on their accounts.

 

Vanquis Bank is part of the Provident Financial Group, a UK and Ireland business with over 140 years’ experience in lending to consumers who are not well served by mainstream lenders. With millions of customers, Vanquis needed to find a way to help balance fraud prevention and KYC with a great customer experience.

 

Existing customers calling in to the change the details on their account were in some cases having to wait weeks before the change could be approved.   The team at Vanquis Bank is continually looking to improve how their products work for their customers and that they are easy to apply for and manage.  Vanquis Bank decided to implement an ID document validation solution that would speed up customer lifecycle management and improve the customer experience.

 

Sue Singleton, Process Change Assurance Manager at Vanquis Bank said, “By adding HooYu to our KYC tools, we can improve some of our higher risk customer processes and can now facilitate customer requests without asking the customer to post in copies of documentation. Our agents deal with thousands of customers a day and now what could have been a delay of weeks for our customers, can be achieved in a matter of minutes with HooYu”.

 

David Pope, Marketing Director at HooYu said, “It’s been great to see the results of Vanquis implementing the HooYu digital journey and how the HooYu UI and UX tools are helping their customers though the KYC process.”  

Continue Reading

Magazine

Partner Events

Trending

Banking8 hours ago

BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH

By Victor Acin, Threat Intelligence Analyst, Blueliv   Financial services firms are increasingly being told to embrace disruption in order...

Banking8 hours ago

THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY

U Htoo Htet Tay Za, Managing Director, AGD Bank   Myanmar’s economy is one of the fastest growing in Asia...

Business9 hours ago

WHY 2020 IS THE RIGHT TIME FOR FS MODERNISATION

Chris McLaughlin is chief product and marketing officer at Nuxeo   Few would argue against the notion that the UK...

Top Stories9 hours ago

WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?

By Roberts Lasovskis, Investment Platform Lead, TWINO   It’s a new year; time for resolutions and forward planning, positivity and...

Business10 hours ago

WHY MAKING MONEY ON YOUR MOBILE IS EASIER THAN YOU MIGHT THINK

Aaron Brooks, Co-Founder of  Vamp   For Millennials and Generation Z, becoming a social media influencer is an increasingly desired...

Interviews1 day ago

DIFFERENTIATION – THE KEY TO THRIVING IN A SATURATED MARKET

Graham Glass, CEO of Cypher Learning   What has enabled Cypher to continue to grow in an increasingly saturated market?...

Finance1 day ago

WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?

By Ken Timsit, ConsenSys   Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting...

Banking1 day ago

FIVE FINANCIAL SERVICES TRENDS FOR 2020: BIGTECHS SWOOP IN, BANKS GO ON THE OFFENSIVE AND CRYPTOCURRENCY STALLS

Rahul Singh, president of financial services at HCL Technologies   We’ve just finished a very exciting decade in financial services, with new...

Wealth Management1 day ago

COMBATING INSURANCE FRAUD WITH MACHINE LEARNING

By Georgios Kapetanvasileiou, Analytical Consultant at SAS   Most insurance companies depend on human expertise and business rules-based software to...

Business1 day ago

DELIVERING SUCCESSFUL IT SYSTEMS THROUGH THE POWER OF PARTNERSHIPS

By Mike Smith, Executive Director, Virgin Media Business (Direct)   Is there anything more frustrating than finding out your bank account...

News1 day ago

BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND

battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today...

News1 day ago

VANQUIS BANK PARTNERS WITH HOOYUTO DIGITALISE KYC PROCESSES

HooYu KYC digital journey deployed during the customer lifecycle on a risk-based approach   Leading customer onboarding and KYC technology...

Banking1 day ago

WHY NEOBANKS ARE ON THE RISE IN THE UK

New research by SmallBusinessPrices.co.uk analyses how neobanks are on the rise and why they’re so popular amongst consumers compared to...

Finance3 days ago

RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020

Marie Tatibouet is the CMO at Gate.io   It has been a bold and progressive year for the digital asset...

Banking3 days ago

WILL HONG KONG REMAIN THE JURISDICTION OF CHOICE FOR OFFSHORE BANKING?

Hong Kong has traditionally been seen as a tax haven and the financial hub of Asia, if not the world....

Technology4 days ago

HOW CHARITIES CAN MEET TOMORROW’S DIGITAL CHALLENGES?

By Steve Georgiou, Business Consultant at Xpedition    Charities are under constant scrutiny for how they handle their finances. Budgets...

Business4 days ago

RECALL YOUR REPUTATION: HOW TO HANDLE PRODUCT RECALLS

By Alex Balcombe, Partner at Harris Balcombe   John Lewis, Tesco, and Hotpoint have all been in the news in...

Business6 days ago

THE WORLD’S MOST ENTREPRENEURIAL COUNTRIES PERFECT TO START A BUSINESS IN

Latona’s has analysed The Global Entrepreneur Monitor data to reveal the world’s most entrepreneurial nation. Analysing each country by a...

News1 week ago

MENDIX SUPPLIES RABOBANK WITH LOW-CODE PLATFORM TO BUILD NEW CORE ONLINE BANKING APPLICATION

New online portal leverages low-code’s speed and flexibility   Mendix, a Siemens business and the global leader in low-code and...

Finance1 week ago

RETIREMENT ANNUITIES AND THEIR ADVANTAGES EXPLAINED

By Gerard Visser, Financial Planning Consultant at Alexander Forbes   There are a number of ways to save and a...

Trending