PCI Council Says Threats to Payments Systems Are Speeding Up

According to a recent report on the payment card industry (PCI), the trade group's mandate is being expanded, and there is a greater need for international coordination to handle increasingly complex threats. Training, education, cooperation, and outreach efforts carried out all year long to promote payment security globally for merchants, retailers, and vendors were highlighted in the PCI Security Standards Council's (SSC) 2025 annual report. The group hasn't released a report since its establishment in 2006.

According to Gina Gobeyn, executive director of the PCI Security Standards Council, the report was necessary to increase transparency regarding the goal and direction of the council. According to the report, threats are increasing along with the rate of change in payments.

According to him, fragmentation issues can be resolved by taking part in industry forums and feedback cycles. Related: Concerns About Vulnerability Database Fragmentation Are Raised by Europe's GCVE He tells ZeroOwl, "There is a growing imperative to look beyond local initiatives to align with global best practice." "Vulnerabilities spread quickly, but payment ecosystems vary by market."

Importantly, he continues, threat actors don't care about national boundaries, but payment infrastructures are intricately linked between issuing banks, retailers, service providers, and technology suppliers. According to Penolver, organizations can adopt best practices more successfully and lessen fragmentation by implementing internationally coordinated defensive strategies. ## International Coordination Is Getting Harder Threats are growing more complex, and Gobeyn cautions that technologies like artificial intelligence are strong enablers of innovations that can also be used maliciously.