The PCI Security Standards Council has beefed up its rules to prevent data thefts from payment devices.
The modifications have been incorporated in the new Version 5.0 of the Council’s standards known as the ‘PIN Transaction Security (PTS) Point-of-Interaction (POI) Modular Security Requirements.’
The council said that the new security measures will safeguard critical information of cardholders amid rising incidents of malware and hacker attacks on payment card-accepting devices.
“The updates are designed to stay one step ahead of criminals who continue to develop new ways to steal credit and debit card data from cash machines, in-store and unattended terminals, and mobile devices used for payment transactions,” PCI Council said in a statement.
PCI Security Standards Council chief technology officer Troy Leach said: “Criminals constantly attempt to break security controls to find ways to exploit data. We continue to see innovative skimming devices and new attack methods that put cardholder data at risk for fraud.
“Security must continue to evolve to defend against these threats. The newest PCI standard for payment devices recognizes this challenge by requiring protections against advancements in attack techniques.”
The next version of POI Version 5 will deal with the concerns against current and future threats related to data protection. The updated rules also require that payment-accepting devices to support firmware that can be updated.