The PCI Security Standards Council has introduced an online tool to allow retailers to give feedback on the Payment Card Industry Data Security Standard (PCIDSS).

However, retailers will need to apply to be participating members of the organisation in order to make use of the tool. A three-month feedback period on the standard began on July 1.

Relatively few UK retailers have applied to be participating members of the council so far. Those that are signed up and eligible to give feedback include Tesco, Sainsbury’s, DSGi, John Lewis
and Morrisons.

However, the council will not address the concerns of many retailers over the lack of clarity on what different sized retailers must do to achieve compliance and the fines they are receiving from acquiring banks, which originate from the card schemes.

PCI Security Standards Council technical director Troy Leach said: “It is the responsibility of the card brands to mandate compliance with the standards.

“The individual participating payment brands will separately determine what entities must be compliant, including any brand-specific enforcement programmes.”