As consumers increasingly rely on cashless spending, the PCI SSC has identified a process to secure cardholder data. Acceptto CEO Shahrokh Shahidzadeh discusses why it’s time to replace password-based credentials.
According
to a recent study
by the PEW Research Center, consumers in the U.S. are relying less on physical
currency. The report found that “roughly three in 10 U.S. adults (29 percent)
say they make no purchases using cash during a typical week.” In addition, a
generational trend shows that “Americans under the age of 50 are more likely
than those ages 50 and older to say they don’t really worry much about having
cash on hand.”
As American
consumers increasingly rely on cashless spending, it is no wonder that the
Payment Card Industry Data Security Standard (PCI DSS) arose to develop a set
of requirements applying to companies of any size that accept credit card payments.
The PCI DSS
requirements now mandate multifactor authentication (MFA) for access to the
cardholder data environment for all non-console access, and it recommends the
use of MFA for remote access to customer networks.
These
requirements bring up a common argument: replacing traditional password-based
implementations is expensive, and the integration effort is too complex…
