Welcome Cartes Bancaires, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, Cartes Bancaires’ Executive Vice President, Projects & Expertise Division Pierre Chassigneux introduces us to his company and how they are helping to shape the future of payment security.
Tell us about your company.
Cartes Bancaires (CB) is the French domestic card scheme and largest domestic scheme in Europe, the leading payment brand in France. CB was founded in 1984 by major French banks, and now has over 130 members, including card issuers and acquiring organizations. CB was the first card scheme to develop and use chip cards in the late 1980s and has since continuously developed card and mobile payments by integrating the latest technological and security advancements to make payments more convenient, efficient, and secure. In 2022, there were 76 million active CB-branded cards and over 15 billons CB transactions processed.
Why did your company decide to become a Principal Participating Organization?
CB is a pioneer in the domain of card-based payments (card payments and ATM withdrawals were made possible in France since the 1960s). Since then, we have developed a strong expertise in developing, deploying, and securing card payments. As the payment landscape became increasingly global, we first joined PCI SSC as a Participating Organization and adopted several PCI standards as part of our own approval processes. Becoming a PPO was a logical next step, which helped us foster the interests of our members from a regulatory perspective, sharing our vision about the future of payments, and collaborating with international peers.
Which benefits are you most looking forward to as a Principal Participating Organization?
We are most interested in contributing to the Roadmap Roundtable Group and Technology Guidance Group. We value the opportunity that’s given to us to “have a seat at the table” and participate more directly in the strategic choices which will be made and to help tackle the next challenges in payment security.
PCI SSC is the perfect place to work more closely with industry leaders on the development of new standards and to discuss current standards direction. So far, the meetings we have had were extremely interesting and we are very proud and honored to be part of this group.
Why is it important for companies to get more involved with the PCI Security Standards Council, especially at the Principal Participating Organization level?
The card payment sector is diverse, international, and quickly evolving. We encourage organizations to get more involved with PCI SSC, as we believe they all have interesting stories to tell, expertise to share, and points of view that can help shape the standards we’ll all be using in the industry.
PCI SSC has changed and shaped payment security for the last two decades, and we feel that PPOs have a key role in ensuring that the payment industry addresses security in a meaningful and consistent way.
What are some payment security topics that you’re interested in collaborating on?
Given our ongoing projects in the French market, we are most interested in topics such as mobile payments and acceptance, tokenization services, and remote commerce. Existing standards also retain our attention, in particular PCI PTS, PCI PIN, PCI Card Production and PCI HSM which we use and promote extensively.
There are big changes ahead of us, driven by a global move to Cloud solutions, the adoption of modern payment acceptance solutions using open operating systems, not to mention the threat of quantum computing to currently used cryptographic mechanisms. We feel that these standards are great foundations to build on.