The Green Sheet Online Edition
February 11, 2008 • Issue 08:02:01
PCI - the talk of NRF 2008
C oncerns about the Payment Card Industry (PCI) Data Security Standard (DSS) were on most retailers' minds at the National Retail Federation's 97th Annual Convention & Expo, held Jan. 13 to 16, 2008, at the Jacob K. Javitz Convention Center in New York.
In a webinar recapping the show and hosted by Stores magazine, Zebra Technologies Corp. and Motorola Inc., Frank Riso, Marketing and Operations Executive for Motorola's Industry Solutions Group, said, "PCI compliance was mentioned by just about every retailer - wanting to understand it, wanting to see technology, wanting to make sure our technology complied with it."
PCI DSS was a very hot topic, he said, since all retailers have to be in compliance with it, "so we were able to demonstrate how our mobile computers as well as the access point switch, application servers and the things that we provide for a wireless backbone, all complied with the various PCI standards."
Riso emphasized that the key component of PCI is the ability to detect and block someone trying to penetrate a merchant's wireless in-store network via rogue applications and associated mobile devices.
Regarding the 12 security requirements of the PCI DSS, Riso highlighted integrated firewall protection; compliance with the latest security standards, including WPA (Wireless Protected Access) and WPA 2; and the ability to monitor wireless devices as the most important aspects of a retailer's wireless network.
Riso noted that retailers were generally concerned about PCI and confused by the requirements. They were upset about the costs of becoming PCI compliant and were not convinced becoming PCI compliant would make customer data more secure.
He also pointed out that becoming PCI compliant isn't just about technology. "There's a lot of other steps a retailer needs to go through," he said.
"The area that we got very much involved in was to demonstrate to the retailers that the data, once it was in the wireless infrastructure within the concept of your store, was protected from being detected outside the store or by anybody else.
"But as most technologists know, just about anybody can find a wireless system, but getting into the wireless system is the trick of detection and the area of PCI compliance that we were demonstrating to retailers."
According to Riso, despite a sluggish 2007 holiday season for retailers, the 2008 NRF Convention & Expo was a rousing success, with more than 18,000 attendees from over 64 countries.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.