Celebrating 20 Years

of helping to secure payment data worldwide!

We thank the payments industry for 20 years of community of collaboration that has helped to shape the advancements and evolution of payment security.

Celebrate 20 Amazing Years at a 2026 PCI SSC Event

North America
Community Meeting

15 – 17 September 2026
Vancouver, Canada

Europe
Community Meeting

20 – 22 October 2026
Edinburgh, Scotland

Asia-Pacific
Community Meeting

11 – 12 November 2026
Kuala Lumpur, Malaysia

Share your Favorite PCI SSC Memory!
Your memories may be featured here or at a PCI SSC event.

20 Year History of PCI SSC​

  • PCI SSC founded

    Sep 2006

  • First Release of PCI DSS

    Sep 2006

  • Council hired first General Manager, Bob Russo

    Mar 2007

  • PCI SSC Board of Advisors was seated with 31 members

    May 2007

  • First smartphone released

    Jun 2007

  • FIRST NORTH AMERICA COMMUNITY MEETING TAKES PLACE IN TORONTO.

    Sep 2007

  • PIN-Entry Device (PED) Security Requirements Added

    Dec 2007

  • PA DSS v1.0 published

    Oct 2008

  • FIRST EUROPE COMMUNITY MEETING TAKES PLACE IN BRUSSELS.

    Oct 2008

  • Mobile payment market reached $69 billion in sales

    Jan 2009

  • Guidance on wireless security published

    Jul 2009

  • An e-commerce user purchased a $240k luxury brand car via a smartphone

    Jan 2010

  • Launched ISA Program

    Apr 2010

  • Council hired first European Director

    Jul 2010

  • PCI DSS v2.0 published

    Oct 2010

  • Issued guidance on tokenization

    Aug 2011

  • PIN v1.0 published

    Sep 2011

  • P2PE v1.0 Published

    Sep 2011

  • HSM v1.0 Published

    May 2012

  • First Asia-Pacific Community Meeting takes place in Kuala Lumpur

    Jun 2012

  • Best practices for mobile published

    Sep 2012

  • ATM Best Practices issued

    Jan 2013

  • Card Production Security Requirements

    May 2013

  • PCI DSS v3.0 published

    Nov 2013

  • Mobile payment market tops $500 billion in sales

    Jan 2014

  • First global mobile payment platform introduced

    Oct 2014

  • PCI DSS v3.1 published

    Jun 2015

  • Tokenization Product Security Guidelines published

    Aug 2015

  • U.S. began migration to chip

    Oct 2015

  • TSP Security Requirements v1.0 published

    Dec 2015

  • Internet of Things gained momentum

    Jan 2016

  • First Regional Director Brazil and LAC hired

    Jan 2016

  • PCI DSS v3.2 published

    Apr 2016

  • Massive DDoS attacks occured

    Oct 2016

  • PCI SSC Issued Multi-Factor Authentication Guidance

    Jan 2017

  • Hackers gain momentum with ransomware attacks

    May 2017

  • Brazil Regional Engagement Board (REB) launched

    Jan 2018

  • Mobile payment market tops $700 billion in sales

    Jan 2018

  • Global Executive Assessor Roundtable (GEAR) launched

    Feb 2018

  • SPoC v1.0 published

    Mar 2018

  • First Regional Director India hired

    Apr 2018

  • First Regional Director Japan hired

    Apr 2018

  • Published Software Security Standards Framework

    Jan 2019

  • PCI hosted India Forum

    Mar 2019

  • CPoC v1.0 published

    Dec 2019

  • COVID-19 Pandemic began

    Jan 2020

  • UnionPay joins as Strategic Member

    Nov 2020

  • Secure Software Lifecycle (SLC) v1.0 and Secure Software v1.0 published

    Jan 2021

  • 6.4 billion smartphone users worldwide

    Jan 2021

  • PCI SSC launched Work from Home Security Awareness Training

    Feb 2021

  • Issued Remote Assessment Guidelines

    Sep 2021

  • MPoC Standard v1.0 published

    Jan 2022

  • First Asia-Pacific Regional VP hired

    Jan 2022

  • PCI DSS v4.0 published

    Mar 2022

  • BoA expanded to 53 seats

    Jan 2023

  • Principal PO level launched

    Jan 2023

  • Council hired Gina Gobeyn as Executive Director

    Jan 2024

  • Council hired Diana Greenhaw as Head of Education & Engagement

    May 2024

  • Council hired Deanne Zettler as Head of Product & Technology

    Jun 2024

  • PCI Board of Advisors expanded to 64 seats

    Jan 2025

  • Inaugural India-South Asia REB seated

    Feb 2025

  • Product Families introduced

    Feb 2025

  • Goods and services projected to exceed $52 trillion in 2026

    Jan 2026

  • PCI SSC Milestone
  • Industry Milestone

Celebrating Bob Russo’s Legacy in Payments

Twenty years ago, payment brands worked together to launch the PCI Security Standards Council. The Council’s first Executive Committee recognized the need for external leadership for the Council—a General Manager to serve as the organization’s spokesperson and drive the operations of the organization. Many candidates applied for the role, but all agreed on the right person for the job—Bob Russo.

For many of the Council’s early years, Bob was the face of the PCI SSC. His stage presence helped turn the Community Meetings into “can’t miss” industry events, his outreach led to the growth of our Participating Organization program, and his vision led to the expansion of our training and standards programs. That’s why we feel such profound sadness to share the news that Bob passed away October 13, 2025, after a brave fight with cancer.

For those that knew him well, we will carry his memory with us forever. The best way we can honor him is to carry forward his passion for this community, his commitment to doing the right thing, and his relentless drive to make a difference.

Please join us in remembering Bob, and do keep his family—his wife Maria, his sons Anthony and Steven, his son Rob’s widow Yvonne, and their families in your hearts. And if you’re inclined, please help “Kick Cancer’s Ass” (in Bob’s words) by donating to the Jimmy Fund.

Join PCI SSC​

join-wide.jpg

Collaboration is at the heart of the Council’s mission to help secure payment data globally. Now there are even more opportunities for participation and collaboration with three levels of involvement: Principal Participating Organizations (POs), Associate Participating Organizations (POs) and Individual Participants.

join-image.jpg