$200bn of credit card transactions will not meet PCI Security Standards in 2007

ExaProtect calculates that over $200 billion in consumer and business credit card transactions made during 2007 will not meet the data security standards managed by the Payment Card Industry (PCI) Security Standards Council.

Despite moves by the PCI Security Standards Council to encourage larger retailers and other organizations to demonstrate compliance with its 12-point Data Security Standard, half of the world’s largest merchants are not yet compliant. Furthermore, many retailers do not have a timetable for achieving compliance in place before the anticipated June 2007 deadline.

ExaProtect says this puts transactions with a value exceeding $200 billion potentially at risk. To put this figure in perspective:

” A $200bn stack of one-dollar bills would be over 20,000km high: equivalent to travelling halfway around the Earth’s equator
” It is more than the cost of the Space Shuttle program from inception in 1969 to its planned retirement in 2010 ($174bn)
” It is more than double the estimated cost of the International Space Station ($100bn)
” An end-to-end chain of one-dollar bills would stretch to the moon and back, 40 times (over 31 million kilometres)

The world’s largest retailers and merchants take over 1.5 billion credit card transactions annually. Leading payments company Visa has 230 merchants that each process over 6 million transactions per year, with similar data from rivals – yet less than half can demonstrate PCI compliance.

Jean-Fran?§ois Dechant, CEO of ExaProtect said: “It’s incredible to think that such a vast amount of transactions and payments will not meet compliance standards over the coming year. Yet the compliance demands are not unreasonable given what’s at stake, and the number and sophistication of security threats today.