In Europe, Visa officials are backing off of strict retail PCI demands, bowing to practicality. Visa described the original PCI deadlines as "unrealistic," according to this ComputerWeekly story.
"Visa and MasterCard agree that risk mitigation is of prime importance and we expect this to be done immediately," said Stanley Skogland, head of policy compliance at Visa Europe. "It does not mean that we do not expect all parts of the standard to be achieved, but we cannot expect miracles overnight."
Added Simon Langley, head of PCI DSS at KPMG: "Visa and MasterCard agreed on the standard, but compliance has not been standardized."