The PCI DSS was established in 2004, with the PCI SSC following 2 years later. Since then, nearly everyone is aware of the PCI standards, understanding the need for compliance - what it is and why they should be doing it.

For everything that the PCI DSS has achieved, it's not without it's detractors.

Our Director and Founder, Benjamin Hosack, says “There is a lot more compromise activity going on than people realise. In Europe, e-commerce businesses are the ones that get hit most. In the US, it is mainly the card-present environment. In the Middle East and Africa, it is a mix of the two,” says Hosack.

On top of this, the payments world is accelerating - no longer does cardholder authentication mean simply a PIN.

How can the security of a landscape where new technologies come along every day realistically be risk assessed?

This article discusses how far we've come in the payment security world, and importantly - how far we still have to go.