The PCI Security Vendor Alliance is increasing its marketing to retailers and etailers that need to become compliant with the Payment Card Industry Security Standards Council’s Digital Security Standard, with the launch of a new web site.
The SVA, a vendor coalition unaffiliated with the PCI itself, has opened pcisolutionstool.com, which is intended to connect merchants with vendors that could help them fill the gaps in their DSS compliance.
The site hosts a Q&A tool designed to help merchants figure out which bits of the PCI’s DSS spec they are not in compliance with, and a series of web pages that matches the DSS’s sections and subsections with the products that may be able to help them reach compliance.
The site only refers merchants to vendors that are paid-up members of the SVA.
The DSS is a set of guidelines for securing credit card data mandated by the PCI, a group led by the big five credit card companies — Visa, Mastercard, American Express, JCB and Discover. Large merchants accepting these cards need to comply with these security specs.
The SVA is comprised of 35 security vendors that are mostly privately held and fairly young, including ArcSight, Protegrity, ConfigureSoft, Cyber-Ark and Breach. Previously, the PCI proper has expressed concern that merchants may think the two groups were affiliated.
The SVA’s new web site, pcisolutionstool.com, contains the text, in a prominent red typeface, NOTE: THIS IS NOT THE PCI Security Standards Council!!! lest there be any more confusion.