PCI Council's Efforts to Fight Fraud During COVID-19 CrisisTroy Leach of the PCI SSC Discusses Risk Mitigation, Standards Updates
Troy Leach of the PCI Security Standards Council discusses how the shift to card-not-present transactions during the COVID-19 pandemic has created new fraud-fighting challenges and offers an update on pending standards revisions.
Some smaller merchants have had to transition to online payments very quickly without fully understanding the risks, he says in an interview with Information Security Media Group. The PCI SSC has released guidelines for merchants on fighting fraud as well as safely using card-accepting devices.
"We provide some guidance on how we maintain good safety of the device by how to properly disinfect it without disrupting some of the security controls that are in place, such as skimming protection devices," Leach says.
In the interview (see audio link below photo) Leach also discusses:
- Fraud schemes emerging during the COVID-19 pandemic and how to mitigate the risk;
- The timeline for the next round of updates to the PCI Data Security Standard.
- The need to "do more on good software design" using the PCI Secure Lifecycle standard.
Leach is senior vice president and engagement officer for market intelligence and stakeholder engagement at the PCI Security Standards Council. In his role, he partners with industry leaders to identify stakeholder needs and develop comprehensive strategies to secure payment data and the supporting infrastructure. This includes coordination of information sharing and communication with PCI members.