Welcome Futurex, a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, Futurex Chief Solutions Architect, David Close, introduces us to his company and how they are helping to shape the future of payment security.
Tell us about your company.
For over 45 years, Futurex has been an award-winning leader and innovator in the encryption market, delivering uncompromising enterprise-grade data security solutions. Over 15,000 organizations worldwide trust Futurex to provide groundbreaking hardware security modules, key management servers, and cloud HSM solutions.
Futurex is headquartered outside of San Antonio, Texas, with regional offices worldwide and over a dozen data centers across five continents, Futurex delivers unmatched support for its clients’ mission-critical data encryption and key management requirements.
Why did your company decide to become a Principal Participating Organization?
Futurex has decades of experience securing global payment ecosystems, and payment cryptography remains one of our deepest areas of technical expertise. At the same time, our reach extends far beyond payments into government, cloud, telecom, and enterprise environments, where strong cryptographic foundations are equally critical. Becoming a PPO allows us to bring this combined expertise, rooted in payments but informed by broader industry practice, directly into the evolution of PCI standards. Participating at this level helps us contribute meaningfully to the Council’s mission, ensuring the standards remain relevant, scalable, and future-ready.
Which benefits are you most looking forward to as a Principal Participating Organization?
We're particularly excited about contributing to the Roadmap Roundtable Group and Technology Guidance Group, which allows us to share both payment-focused and cross-industry insights with the PCI SSC leadership. These forums provide a valuable channel for shaping standards and strategic priorities. We also look forward to participating in Task Forces, Special Interest Groups, and the RFC process to help guide major revisions.
Why is it important for companies to get more involved with the PCI Security Standards Council, especially at the Principal Participating Organization level?
The Council addresses foundational security topics such as cryptography, identity, secure architecture, and key management. These topics extend far beyond payment transactions. When organizations participate more deeply, the standards become more practical, forward-looking, and representative of modern environments. PPOs have direct influence on major revisions, strategic planning, and technical direction, helping ensure the standards keep pace with cloud transformation, distributed architectures, and post-quantum transition. Broader participation also strengthens the global security ecosystem by bringing diverse expertise into the discussion. The more engaged the community is, the stronger and more resilient the standards become.
What are some payment security topics that you’re interested in collaborating on?
We’re interested in collaborating on crypto-agility and post-quantum readiness, especially as payment systems prepare for long-term cryptographic transitions. Centralized and scalable key management is another important topic, including its application in multi-cloud and hybrid environments. We also want to support work on secure orchestration, automation, and lifecycle governance for high-assurance cryptographic operations. These areas directly impact payment security while also benefiting other sectors that rely on similar cryptographic foundations. Our goal is to help advance standards that are robust for today’s payment needs and adaptable for the technologies and threats of the future.
