PayThink

New security standards are just in time for instant issuance

Register now

When credit card fraud occurs, the last thing consumers want to do is wait for access to their financial accounts.

One option is instant issuance of payment credentials with strong payment card industry card production and provisioning (PCI-CP) compliance.

Widely regarded as the most robust security standard in the payment card industry, PCI-CP represents the next step in the evolution of compliance. And it couldn’t come at a better time.
PCI-CP is a payment card industry data protection standard that’s designed to specify security controls for card production and provisioning customer payment information on cards. As far as card production is concerned, that can include any number of tasks, including card manufacturing, magnetic-stripe card encoding and embossing, chip initializing, embedding and personalization, or even card storing, packaging and mailing. Meanwhile, card provisioning refers to the process of adding cardholder account information.

By allowing instant issuance to be executed from the most secure infrastructure available, PCI-CP introduces greater flexibility and protection than a previously created standard — PCI-DSS. Although the rise of e-commerce delivered a new degree of convenience for consumers, it also ushered in plenty of credit card fraud. Between 1988 and 1998, Visa and Mastercard lost $750 million to credit card fraud.

In an effort to curb this rash of crime, the two credit card giants as well as several other leading brands — including American Express, JCB and Discover — developed security standards of their own. However, difficulty in achieving compliance from merchants eventually led to the downfall of these company-specific standards.

With credit card fraud still very much an issue, each of the five credit card companies partnered with one another to create a single, comprehensive security standard — PCI DSS. Continued enhancements of the standard, such as the release of version 1.1, were also accompanied by the establishment of a PCI Security Standards Council (PCI SSC) in 2006. This council later served as the key driver behind updates to the PCI-CP standard. Launched in 2017, version 2.0 of PCI-CP strengthens physical and logical access to payment materials to help protect against fraud, regardless of what payment instrument is used.

Financially empowering consumers who have fallen victim to fraud starts with adhering to standards like PCI-CP. After all, instant issuance is only valuable when paired with strong security. That’s where PCI-CP can make all the difference.

Among the most immediate benefits of complying with PCI-CP is an enhanced customer experience. Expected to surpass $12 billion by 2020, U.S. card fraud is becoming an increasingly significant issue. Although PCI-CP isn’t poised to eliminate every type of card fraud, it can go a long way toward helping you issue secure payment credentials faster than ever before and ultimately create a top-notch customer experience.

Instead of waiting days to regain their purchasing power following a credit card theft or breach, consumers can securely access their financial accounts through instant payment card issuance. Financial institutions that adopt PCI-CP by encrypting cardholder data, restricting the sharing of such data within an organization and limiting access to internal networks, also stand to limit the risk of fraud and thereby improve their reputation among consumers. Rather than worrying about whether their data is in the wrong hands, consumers can rest assured PCI-CP will provide enhanced controls and protections on cardholder data compared to PCI-DSS.

One of the easiest ways to improve the customer experience as well as security and assurance is by engaging with an industry vendor who has the ability to provide an instant issuance solution and ensure compliance with PCI-CP. Not only can such a provider free up IT and security teams that were previously responsible for maintaining an in-house issuance solution, but the increased flexibility of the cloud also promises to enhance the overall experience for customers.

In the era of instant issuance, maintaining security and assurance is crucial. Provide the speed today’s consumers crave while also taking security into account. Whether it’s conducting annual testing of who has access to a network or working with a vendor who can securely issue payment credentials, taking steps to comply with safety standards like PCI-CP makes it easy to cater to consumers while also curbing fraud moving forward.

For reprint and licensing requests for this article, click here.
Security risk Payment fraud Cards Risk Payment processing ISO and agent
MORE FROM PAYMENTSSOURCE