On Tuesday, the Payment Card Industry Security Standards Council announced that it was opening the formal feedback period for versions 2.0 of the Payment Card Industry Data Security Standard (“PCI-DSS”) and Payment Application Data Security Standard (“PA-DSS”), which were issued in October 2010 and will become effective exclusively when versions 1.2.1 are officially retired on December 31, 2011.  The Council traditionally opens the feedback period for PCI-DSS and PA-DSS one year after issuance in order to give the payment community time to formulate comments based on experience.  Stakeholders’ feedback will be organized into three categories – Clarifications, Additional Guidance, and Evolving Requirements – and presented during the 2012 PCI Community Meetings.  The feedback period will close in April 2012.     

All PCI stakeholders can submit feedback online through an automated online tool.  The Council is particularly interested in feedback from international stakeholders because of the substantial growth in global and, in particular, European representation in the past year.  PCI European Director Jeremy King remarked that such feedback will help the Council maintain a “global standard that ensures the protection of cardholder data remains paramount.”  Please contact us if you would like to explore the submission of PCI-DSS or PA-DSS feedback to the Council.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Mike Nonaka Mike Nonaka

Michael Nonaka is co-chair of the Financial Services Group and advises banks, financial services providers, fintech companies, and commercial companies on a broad range of compliance, enforcement, transactional, and legislative matters.

He specializes in providing advice relating to federal and state licensing and…

Michael Nonaka is co-chair of the Financial Services Group and advises banks, financial services providers, fintech companies, and commercial companies on a broad range of compliance, enforcement, transactional, and legislative matters.

He specializes in providing advice relating to federal and state licensing and applications matters for banks and other financial institutions, the development of partnerships and platforms to provide innovative financial products and services, and a broad range of compliance areas such as anti-money laundering, financial privacy, cybersecurity, and consumer protection. He also works closely with banks and their directors and senior leadership teams on sensitive supervisory and strategic matters.

Mike plays an active role in the firm’s Fintech Initiative and works with a number of banks, lending companies, money transmitters, payments firms, technology companies, and service providers on innovative technologies such as bitcoin and other cryptocurrencies, blockchain, big data, cloud computing, same day payments, and online lending. He has assisted numerous banks and fintech companies with the launch of innovative deposit and loan products, technology services, and cryptocurrency-related products and services.

Mike has advised a number of clients on compliance with TILA, ECOA, TISA, HMDA, FCRA, EFTA, GLBA, FDCPA, CRA, BSA, USA PATRIOT Act, FTC Act, Reg. K, Reg. O, Reg. W, Reg. Y, state money transmitter laws, state licensed lender laws, state unclaimed property laws, state prepaid access laws, and other federal and state laws and regulations.