Although PCI-DSS is a well know security compliance standard for payment cards, this research is asking whether or not PCI is sufficient, either because it doesn't go far enough, or because it is not enforced. Either way, more needs to be done to protect the banks' customers.
New research by the Ponemon Institute commissioned by Gemalto is showing there is a critical need for organisations to improve their payment data security practices, with only 44 percent of respondents actually using end-to-end encryption on payment data. The survey of more than 3,700 IT security practitioners from more than a dozen major industry sectors also revealed that a full one-third of those surveyed said compliance with the PCI DSS is not sufficient for ensuring the security and integrity of payment data.