Talk:Payment Card Industry Data Security Standard

From Wikipedia, the free encyclopedia
Jump to: navigation, search

New Section or Cross Reference Request[edit]

List each of the PCI SSC council certifications and what each does. QSA, ISA, PCIP Arctific (talk) 15:47, 29 July 2016 (UTC)

Compliance and compromises[edit]

The first and second paragraphs here are nonsense. The first paragraph claims it is a "common misconception" that PCI-compliant firms have had security breaches, without any citation, before introducing two cited examples of exactly that happening. The second paragraph essentially states that a compromise of a compliant system is probably due to a failure to maintain compliance and a failure of the assessor to assess compliance. It is suggested that neither of these failures are the fault of the standard, while dressing the standard as a victim using loaded words such as "blasting" to describe criticism. Most of this is also without citation.

Unless anyone disagrees, I'll be rewriting this section shortly. --Suction Man (talk) 17:04, 30 July 2014 (UTC)

Agreed, this section reads like the words of someone trying to defend the standard, but it's poorly written and the defenses seem to be unsourced, unlike the criticisms. This is a common point of contention though, so a reflection of the criticisms and defenses are still warranted here. If you can find sources for the "they weren't actually compliant at the time of the breach" defense, that would be ideal. Exponium (talk) 21:57, 30 July 2014 (UTC)

consistent wikilinks without capitalization for "interactive voice response"[edit]

Recently, my edit which downcased "interactive voice response" was reverted. There are presently two mentions of IVR in this article, both of which are wikilinked to the interactive voice response article, and only one of which I downcased. The IVR article, rightfully so, is not capitalized; it is not a proper noun, which is practically the only reason all three words should be capitalized (for example, if some company called themselves "Interactive Voice Response"). My edit should have stood, if nothing else for consistency with the earlier mention in the article. It also eliminates a redirect. Rather than get into an "edit/revert war," I thought I would make my case for why my edit was proper on the talk page instead, and let more of the Wikipedia community decide. -- Joe (talk) 11:14, 15 April 2016 (UTC)