At one of my previous jobs we had a client whose organisation was crazy about the security of customer data, such as credit card numbers or billing info. They wanted to make their online store PCI compliant. The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide standard that was created to increase control around cardholder data and reduce credit card fraud through its exposure. However, it does not mean that this standard makes merchants more secure. In fact, there are some new vulnerabilities that I am going to show you in this article.