A recent survey by Deloitte shows that a significant portion of the 100 websites surveyed did not comply with the PCI DSS Credit Card Payments standard. In addition, 2% of the sites did not encrypt cardholder data at all.
The report points out that these insecure sites can lead to a greater risk of their clients becoming the victims of identity theft or credit card fraud.
IRISS recommends that all sites that support e-commerce ensure that they are compliant with the PCI DSS Credit Card Payments Standard. If you need more information on this standard, please refer to the PCI Security Standards web site at https://www.pcisecuritystandards.org/
The Deloitte press release is available at their site. Siliconrepublic.com also covers this story, as does RTE.
RTE’s Nine O’Clock news programme reports on the story