Authentication: Interviews

The PCI Security Standards Council was established in the US by the major credit card companies in September 2006 as an independent organization to manage the Payment Card Industry Data Security Standard. In an interview, general manager Bob Russo talks about the council's efforts to administer the PCI standard amid continuing concerns about credit and debit card security. And he defends the standard, despite the recent data breaches at Hannaford Bros. and Okemo Mountain Resort.

RSA Security late last year acquired privately held Cyota, which offers online security and anti-fraud services to help financial institutions protect consumer accounts. CEO Art Coviello recently sat down with Ellen Messmer to discuss the Cyota acquisition and RSA's views on the future of authentication. With its anti-fraud services for banks, Cyota is a very different type of business than RSA Security traditionally has been in with its SecurID products for two-factor authentication and the BSAFE encryption toolkits.

Technology isn't going to protect e-commerce customers -- stronger government regulation is what will get the attention of online banks and merchants, forcing them to stop being casual about security, said Bruce Schneier, founder and chief technology officer of Counterpane Internet Security.