Payment security compliance has declined for the second year in a row, according to Verizon’s 2019 Payment Security Report which says that the number of businesses achieving and maintaining compliance has dropped to a low of just 36.7 percent worldwide.
Geographically, organizations in the Asia-Pacific (APAC) region show a stronger ability to maintain full compliance at 69.6 percent, compared to 48 percent in Europe, Middle East and Africa (EMEA) and just 20.4 percent (1 in 5) in the Americas.
“After witnessing a gradual increase in compliance from 2010 to 2016, we are now seeing a worrying downward trend and increasing geographical differences,” said Rodolphe Simonetti, global managing director for security consulting at Verizon.
“We see an increasing number of organizations unable to obtain and maintain the required compliance for PCI DSS, which has a direct impact on the security of their customers’ payment data.”
PCI DSS helps businesses that offer card payment facilities protect their payment systems from breaches and theft of cardholder data.
When Visa initially launched the PCI DSS in 2004, many assumed that organizations would achieve effective and sustainable compliance within five years.
Now, 15 years on, the number of businesses achieving and maintaining compliance has dropped from 52.5 percent (2018 PSR) to a low of just 36.7 percent worldwide.