We are proud to announce that two security experts from Pismo are joining one of the most important standards organisations in the financial industry – the Payment Card Industry Security Standards Council (PCI SSC).
Leonardo Carmona, Chief Information Security Officer at Pismo, and Thiago Lopes, Information Security Manager, will be members of the Brazil Regional Engagement Board (REB). The REB is an advisory board of the PCI SSC – the organisation that manages the PCI Data Security Standard (PCI DSS), the primary security norm for organisations that handle credit cards.
The Brazil REB brings together representatives from the Brazilian payments industry – including vendors, merchants, processors, service providers, banks, and industry associations. The board will meet regularly to discuss security issues, trends, and market changes throughout the year.
“Our main reason for joining the Council is helping it define the next generation of security standards for payments,” says Carmona. “We are going to inspect the whole body of standards, take note of rules that can be improved and then present our recommendations to the Council.”
Current rules require, for example, that users change their passwords frequently. “However, studies have shown that when users have to change passwords often, they tend to choose simpler passwords – which may compromise security. Instead, we can adopt measures like two-factor authentication or biometry,” argues Carmona.
“We will interact with other companies that also take part in the Council to discuss how we can improve the standards,” says Thiago.