How Independent Are PCI's Software Testers?

Fellow blogger Steve Sommers, over at Shift4, has been following up some of his sharper comments from last week about PCI's efforts to charge listing fees to get on the official list of PCI-compliant applications. He made such an elegantly clean argument on Tuesday, I felt the need to share.

"PCI's justification for the fee is that they want to be self sufficient and independent for the card brands. This is good in theory if you ignore two glaring obstacles," he wrote. "First, the card brands make up the entire executive committee. And two, a majority of the General Managers and Working Group Chairpersons (possibly all, some titles are missing) are people that represent the card brands." I've disagreed with Sommers from time to time, but that's a hard argument to ignore.