The PCI Council’s directions for Payment Card Industry Data Security Standards are expanding as mobile commerce grows and when combined with local differences in diverse markets, the new guidance statements can be a compliance challenge for issuers that operate in multiple nations. The use of “compliance-as-a-service,” or CaaS, to provide managed monitoring and compliance updates to keep up with changes is an emerging option for large card issuers.
