Online retailers encouraged to improve security
08 April 2015 - 10:17 by Graham Miller
The Payment Card Industry Security Standard Council (PCI SSC) has announced regulatory changes aimed at improving the levels of protection which are afforded consumers when they shop online, according to The Register.
The latest version of its Data Security Standard will be rolled out in the next few weeks, with e-commerce sites urged to make the leap from older SSL security protocols to the newer TLS alternatives, which are better able to prevent fraud and other malicious activities.
Basically this is about ensuring that any transactions that consumers carry out online will be as secure as possible, preventing prying eyes from getting access to personal information which might be used to commit fraud.
TLS is a more modern encryption protocol than SSL and, as such, e-commerce sites will need to be updated to comply with the PCI SSC’s new raft of regulations covering safe shopping online.
Worryingly, the amount of compliance across the industry is relatively low, with a 20 per cent success rate for those retailers undergoing their first security assessment by this body. So it is important for the regulations to be evolving, as this ensures that retailers have an incentive to keep pace.
Consumers will have to hope that the larger retailers are quick to take up the new TLS encryption protocols, since cybercriminals and fraudsters are getting better at exploiting the older standards.
It is also worth noting that the new regulations cover businesses of all shapes and sizes, so it is not solely the biggest names in the e-commerce industry that will be able to offer TLS protection for shoppers. Keeping the playing field level and encouraging security at all points of the retail scale is the best way to ensure that security is thoroughly maintained.