The PCI Security Standards Council (PCI SSC) in February announced that Michael Mitchell, vice president, Global Network Operations for American Express, has been appointed as chairperson of the PCI Security Standards Council for 2012. Briefly, PCI DSS is a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the Payment Application Data Security Standard (PA-DSS)
Mitchell succeeds Eduardo Perez, head of global payment system risk, Visa Inc., who held the position for the 2011 term. Under Perez’s leadership the Council adopted and announced PCI PIN Security Requirements; published point-to-point encryption solution requirements for hardware-based solutions; issued guidance in key areas including tokenization and wireless technology implementation; and implemented updates to its PIN Transaction Security program to include for the first time protection of account data on non-PIN devices. In 2012, the Council will focus on gathering feedback from the payment security community and helping to steer the payment security standards to address emerging payment channels and evolving technologies.
Engaging the PCI community with new opportunities for participation and a dedicated period for collecting and sharing feedback
– Delivering guidance on e-commerce security, cloud computing and risk assessment through PCI SSC Special Interest Groups (SIGs).
– Continued focus on technologies that offer PCI DSS scope reduction for merchants, including point-to-point encryption and tokenisation
– Expanding the current PCI SSC training offerings program to continue to increase payment card security expertise globally.
“2012 will bring a number of new challenges and opportunities for the Council and its stakeholders,” said Mitchell. “From continuing to evaluate how emerging payment technologies affect the PCI Standards, to working with stakeholders to best leverage their insights through our feedback period, this is going to be an exciting year! As chairperson, I look forward to working with the Council, our Board of Advisors and more than 600 Participating Organizations to improve cardholder data security.”
With 15 years at American Express, Mitchell has experience managing global processes and programs designed to improve payment security. In his current role as Vice President of Global Network Operations, he is responsible for the secure processing of payment data throughout the entire transaction lifecycle. This includes information security policy, numerous risk management functions and global compliance operations.
“Continuing to drive awareness around payment security and providing the resources our stakeholders need to implement strong PCI security programs is a key focus for the Council in 2012,” said Bob Russo, general manager, PCI Security Standards Council.
About the PCI Security Standards Council
The PCI Security Standards Council is an open global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Founded in 2006 by the major payment card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., the Council has over 600 Participating Organisations representing merchants, banks, processors and vendors worldwide. To learn more about playing a part in securing payment card data globally visit: http://pcisecuritystandards.org.
