Chris Farrow: Adoption of PCI-DSS into legislation is something we’re seeing as a trend going into 2008 and through 2009. Some states have accepted parts of the system into law, and the federal governments of US and Canada are considering it. The Security Vendor Alliance was formed to help weed out those snake oil salesmen and to provide good, trusted vendors and a product certification program. The actual security of payment data, in many cases, has been compromised in the past, at least one of the applications of payment applications were compromised.”]
Source: https://www.cuinfosecurity.com/pci-update-cost-complexity-still-barriers-to-compliance-a-718