Financial analysts believe that virtualization is now a very important aspect for credit card security. This is a statement they made as the Payment Card Industry Data Security Standard recently released their second report edition. This report includes the minor changes for credit card security levels to be increased via virtualization.
The Payment Card Industry Standard (PCI DSS) required all organizations that manage payments via card data to have their security mechanisms in place, in order to more fully deliver on services in credit card transactions.
Qualified Security Assessors (QSA) will then be responsible for looking into the pace at which banks’ credit cards adapt to virtualization. Security levels will also be closely monitored by the QSA externally as check and balance to the internal mechanisms in place within the company.
Once virtualization have been set and fully incorporated for the bank’s credit cards, annual reports by the banks will also be sent to the QSA. The QSA will check and validate company compliance with the rules and standards every year. The QSA will make validation on annual reports of security mechanisms via virtualizations contingent upon the size of an organization.
The PCI DSS system components have included in the new agreement, particularly in the provision 2.2.1, the need for virtualized systems. The details include the way functions of virtual environments relate with the compliance validation functions of the institutions. The Payment Card Industry (PCI) Special Interest Group has said they will closely look at how the virtualized systems in chosen environments might affect credit card standards when it comes to functions, operations, and security levels.
The PCI Special Interest Group includes merchants, auditors in financial institutions, as well as merchants representing different organizations. They will test how credit card virtualizations might affect the industry and their markets in general.
‘The Citibank and Dynamics, Inc. partnership for the launching of the CARD 2.0 or 2G is a recent innovation in the credit card industry,’ Financial analyst Karen Labyrinth said. The cards are a welcome development now on a testing stage; with select markets due to their unique security features to protect their cardholders form theft.
With these new technologies, PCI DSS says that its role is to see how this innovation fits into the virtual environment, and how benefits are brought by the card to the virtual systems and vice versa.
Labyrinth concludes that this is a good opportunity to look into the prospects of virtualization for increased levels of security.