Why PCI isn’t enough to ensure data security today?

Ounce Labs thinks it’s critical for consumers to know that, in many instances, their credit card data is still not secure:

• Compliance statistics are miserable with less than 50% of merchants able to meet the minimum standards of PCI DSS.
• Even when merchants do comply, some portions of the standard are worded in ways that are open to interpretation.
• Published reports have appeared that some unscrupulous auditors are taking advantage of non-compliant merchants by forcing them to utilize the auditors compliance services in order to pass – a blatant conflict of interest that compromises the integrity of the PCI audit process.

Read more here