Larger retailers are starting to improve their PCI compliance, with the 18 percent compliance for Level 1 merchants reported a year ago having almost doubled today, according to Visa numbers reported in a Digital Transactions story.
The story also reports that Visa two weeks ago sent a letter to acquirers, processors, software developers, and independent sales organizations listing half a dozen software vendors whose POS products have been shown in data breaches to have stored card data. Visa wants to discourage retailers from using the software but is also refusing to say which applications it wants shunned.
Ostensibly, the rationale is to privately circulate the names to select parties while minimizing the damage done to the software companies. But if they are creating POS software that violates PCI rules, why protect them?