WASHINGTON (Legal Newsline) – The Federal Trade Commission has ordered nine companies to provide the agency with information on their practices of assessing businesses’ compliance with the Payment Card Industry Data Security Standards (PCI DSS).
Retailers or other businesses that process more than 1 million card transactions annually must endure PCI DSS audits as required by the major payment card issuing companies. These audits seek to make sure consumers' personal information stays protected.
The companies that received the FTC orders are Foresite MSP LLC, Freed Maxick CPAs P.C., GuidePoint Security LLC, Mandiant, NDB LLP, PricewaterhouseCoopers LLP, SecurityMetrics, Sword and Shield Enterprise Security Inc., and Verizon Enterprise Solutions (also known as CyberTrust).
The FTC seeks details on the assessment processes used by the companies. The information it gathers will be used to study the climate and state of PCI DSS assessments.
The FTC voted 4-0 to issue the orders.