GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

Long live the check

Patti Murphy
ProScribes Inc.


Industry Update

Ruling a window to hot legal topic

NFC not paramount in expert testimony

NRF will try to block settlement

PCI SSC offers IT accreditation program


GS Advisory Board:
Views on Visa's FANF

Research Rundown

Meet The Expert: Rick Slifka

Consumer payment habits

Why advertise?

Selling Prepaid

Prepaid in brief

Is direct deposit the secret to prepaid's future?

Players profit from open currency


Check fraud is the problem, RDC is a solution

Patti Murphy
ProScribes Inc.


Street SmartsSM:
Start with a strong foundation

Jeff Fortney
Clearent LLC

Stage set for expansion of mobile payments

Henry Helgeson
Merchant Warehouse

The mobile app's role in marketing and sales

Ron Tunick ('Coach')
Nations Transaction Services

New era, same old game for MLSs

Dale S. Laszig
Castles Technology Co. Ltd.

Prepare for the mPOS wave

Rick Berry
ABC Mobile Pay Inc.

Health-care fraud: Back with a vengeance

Nicholas Cucci
Network Merchants Inc.

Company Profile

Central Payment Co. LLC

New Products

A POS for Main Street merchants

CardWare International

Bringing social order to business

The Social Merchant
The Social Merchant


A lesson from the Greeks



2012 events Calendar

Resource Guide


A Bigger Thing

The Green Sheet Online Edition

September 24, 2012  •  Issue 12:09:02

previous next

PCI SSC offers IT accreditation program

The Payment Card Industry Security Standards Council (PCI SSC) introduced an open accreditation program designed to certify information technology (IT) professionals on their knowledge and understanding of the Payment Card Industry (PCI) Data Security Standard (DSS). This news arrives as the council assesses feedback from its community of participating organizations on version 2.0 of the PCI DSS and the Payment Application (PA) DSS.

The new certification program, called the PCI Professional (PCIP) program, is geared toward individuals and does not require company sponsors. Thus the certificate is transferable from one employer to another. The program offers payments industry tutoring and, once the professional succeeds in passing the exam, a place on a searchable PCIP certificate list on the PCI SSC website.

The PCIP course is web-based and concentrates on the fundamental principles and procedures of the PCI DSS. Certification candidates have 30 days to complete the course. The first course begins Nov. 1, 2012, but testing is available now. Professionals may elect to forgo the instructional portion of the program and just take the test.

The tests may be taken at any of the more than 4,000 Pearson VUE Testing Centers around the world. Those who already hold Internal Assessor and Qualified Security Assessor certification can add the PCIP credential to their list of professional achievements by simply registering with the PCI SSC. Candidates need two years of IT experience to take the course and/or exam. PCIP-certified professionals must recertify every two years.


PCI SSC General Manager Bob Russo compared the PCIP program to the Certified Information Systems Security Professional (CISSP) certificate offered by the non-profit IT security professional-focused International Information Systems Security Certification Consortium.

"When we introduced the PCI DSS, we created a huge market for Qualified Security Assessors and Internal Security Assessors," Russo said. "ISAs wanted to know what assessors were looking for coming in. They wanted to know how to get ready for the assessment. This program helps companies that want to do their own assessments but need background on the payment card industry." Russo said test questions were developed by the council internally. The certificate provides a competitive advantage to IT professionals because it validates expertise and opens doors to more opportunities and rewards, he noted.

Feedback on PCI standards

The PCIP certificate program was launched the same week the council released industry feedback on version 2.0 of the PCI DSS and PA DSS. Version 2.0 is scheduled for release in October 2012. The feedback was offered from organizations and individuals across the spectrum of the payments industry. The council said more than 90 percent of the feedback concerned the PCI DSS - the main standard comprised of 12 overarching requirements.

The suggestions for improving the standard include:

For additional news stories, please visit and click on "Read the Entire Story" in the center column below the latest news story excerpt. This will take you to the full text of that story, followed by all other news stories posted online.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Simpay | USAePay | Impact Paysystems | Board Studios