Wednesday, June 17, 2009

PCI Generating no fraud prevention ROI

According to a guest editorial on StorefrontBacktalk by David Taylor, founder of the PCI Knowledge Base and a former E-Commerce and Security analyst with Gartner, PCI-compliance has not had any significant impact on fraud detection. The idea that PCI compliance would translate into profits for the merchant due to fewer chargebacks, less internal fraud and a lower risk of security breaches does not appear to be materializing for most merchants.

"Many risk managers," notes Taylor, "find the PCI controls valuable in catching cases of internal fraud, such as by call center employees or IT department employees. But the main task of fraud management – reducing external fraud – is not really helped, on a day-to-day basis, by PCI-mandated controls or the reporting tools that are available to monitor these controls."

No comments:

Web Analytics