In response to the controversy about PCI compliance being a law, I can’t help but give my own view about the whole matter.
First, as a consumer and a loyal cardholder, I rely on credit cards for my regular transactions – groceries, bills, and other stuff. These cards are my constant wallet companions. And because I use them on a regular basis, I am also obliged to pay for them. No matter how difficult it seems sometimes, I always make the deadline. So on behalf of all the other loyal cardholders out there who keep their obligations, don’t we deserve the same effort from these credit card companies when it comes to keeping our usage free and safe from criminal activities? We use the card, so don’t we at least have the right to be protected?
Second, penetration testing, network security assessment, and all the other procedures required by PCI compliance are meant not only to protect the credit information of consumers and cardholders, but also to secure card transactions and the rights of both the merchants and the credit card companies. So why should it be refused? In the end, even if it will entail a great cost and some huge changes, it will ultimately benefit all of us, right? So why do we hesitate?
I say, if you don’t like the changes, don’t use the cards. It’s that simple.