We continue in our journey, through the eyes of Mr Scrooge, into PCI Pal’s A Compliance Carol – and following a visit from the spooky Ghost of Compliance Past, we are now swept into today’s world of PCI DSS Compliance, with the Ghost of Compliance Present... but what sights, and stats, await?
The Ghost of Compliance Present shows us the abundant and stark realities that organisations and contact centres are facing; a constant battle of protecting customer data against the ever-inventive and determined hackers, versus remaining compliant 24/7 – whilst providing an all-round positive customer experience, via every interaction (regardless of whether it is over the phone, face-to-face or digitally).
These challenges are further highlighted by the copper-bearded Ghost of Compliance Present showing us news headlines following the recent results of the Verizon Payment Security Report detailing how year-round PCI DSS Compliance is in fact declining. Just 36.7% of organisations actively maintained PCI DSS programs in 2018, compared to 55.4% in 2016.
It doesn’t stop there, Mr Scrooge: the journey continues with the apparition showing some alarming statistics from Norton that prove that 2019 has been ‘the year of data breaches’. Figures from the first half of 2019 show there have been 3,800 publicly disclosed breaches, with 4.1 billion records exposed and a 54% increase in the number of reported breaches compared to the first half of 2018.
Research from PCI Pal backs this up too, with 44% of Americans, 38% of Brits, 33% of Australians, and 37% of Canadians all saying they have been the victim of a data breach. 44% of UK consumers also say they will stop spending with a business for several months following a security breach, while 41% will never return to a business post-breach.
Reiterating the voice of the present, these facts and stats show that it’s a very tough time to be processing, handling and transacting sensitive cardholder data, while meeting compliance rules and keeping ahead of fraudsters or hackers. Beware!
A challenging picture is presented, striking fear and encouraging promises that ‘We will change our ways’. However, it isn’t all ‘Bah! Humbug!’. Technology has advanced and is supporting more and more organisations in managing their security and Compliance obligations.
For those working with PCI Pal, it is clear that not only are those organisations outside of the scope of the PCI DSS – as no sensitive payment card information ever enters their infrastructure – but interactions can also be handled more efficiently and in a more personal, yet secure, way, which is sharing the Christmas spirit and spreading joy amongst many Compliance Teams in their ongoing quest for compliance.