Spotlight On: Stripe, a New Principal Participating Organization

AndyC 15 April 2026

Welcome Stripe, Inc., a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, Stripe, Inc.

Spotlight On: Stripe, a New Principal Participating Organization

Spotlight On: Stripe, a New Principal Participating Organization

Welcome Stripe, Inc., a new Principal Participating Organization (PPO) at the PCI Security Standards Council! In this special spotlight edition of our PCI Perspectives Blog, Stripe, Inc. Head of Standards Advocacy, Sean Estrada, introduces us to his company and how they are helping to shape the future of payment security.

Tell us about your company.

Stripe builds economic infrastructure for the internet. As a global payment platform, we enable millions of businesses—from small startups to major enterprises—to accept payments, manage their finances, and scale internationally. Our core commitment is to provide tools that are secure, reliable, and offer the flexibility developers need to innovate and rapidly deploy new commerce experiences.

Why did your company decide to become a Principal Participating Organization?

Stripe decided to become a PPO to work closely with the Council on the evolution of global payment security standards and ensure that they continue to remain flexible for the many ways that card-based payments are accepted in the internet economy. We believe that security and compliance should be both flexible and developer-friendly, removing complexity where possible. Our unique position allows us to advocate for payment standards on behalf of our users and platforms that support and enable the rapid innovation and customizability that exists today.

Which benefits are you most looking forward to as a Principal Participating Organization?

We are looking forward to working with the Council and fellow PPOs to promote practical and flexible compliance frameworks. As an example, the Self-Assessment Questionnaires (SAQs) were created at a time when payment acceptance online was linear in nature, with clearly defined roles that were reflected in the questionnaires. We are looking forward to direct engagement and collaboration with the Council, payment brands, and fellow PPOs to help shape guidance on emerging architectures, like how cloud-native payments and platform models require security standards that are adaptable and scalable, rather than rigid and prescriptive. Our goal is to translate complex security requirements into streamlined solutions for developers and businesses globally.

ppo-600x150

Why is it important for companies to get more involved with the PCI Security Standards Council, especially at the Principal Participating Organization level?

As an organization at the nexus of technology and commerce, Stripe has unique insights into both the technical realities, and the security needs of the contemporary market. Involvement at the PPO level is critical because it ensures that those building and operating the next generation of commerce are integral to defining its security standards. As an industry, we need to work together to develop standards that allow for flexibility while maintaining the highest levels of data security. This type of collaboration and partnership is how we future proof the industry.

What are some payment security topics that you’re interested in collaborating on?

We are interested in collaborating on topics that modernize compliance through a platform lens, ensuring the standards keep pace with technology:

  • Securing the Future (Agentic Commerce): Addressing the emerging capabilities and risks of AI-Driven Commerce. This includes defining the security boundaries for payment data protection when transactions are initiated or executed by autonomous Agentic Commerce systems and defining the new Cardholder Data Environment (CDE) perimeter.
  • Identity and Authentication: Enhancing standards around consumer and business identity verification throughout the payment lifecycle, including stronger multi-factor authentication, improving the 3D Secure experience, and looking to new technologies such as passkeys.
  • Global Regulatory Convergence: Collaborating with the Council to harmonize PCI requirements with other global regulatory mandates to move towards a more unified, streamlined security framework.
  • Next-Generation Fraud Mitigation: Collaborating on best practices and standards for real-time fraud detection and prevention, including the role of machine learning, behavioral analytics, and shared intelligence to manage emerging payment fraud vectors.

Learn More About Principal Participating Organizations

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , ,

What do you feel about this?

More Stories

Spotlight On: Stripe, a New Principal Participating Organization

Spotlight On: Stripe, a New Principal Participating Organization

AndyC 15 April 2026
Coffee with the Council Podcast: A Panel Discussion on Cryptography

Coffee with the Council Podcast: A Panel Discussion on Cryptography

AndyC 2 April 2026
The AI Exchange: Innovators in Payment Security Featuring Flywire

The AI Exchange: Innovators in Payment Security Featuring Flywire

AndyC 31 March 2026
Denver’s crosswalks hacked to broadcast anti-Trump messages

All aboard: the NIST Cybersecurity for IoT Program is headed to our next stop! Share your input on where we’re headed during our Future Directions Two-Day Workshop on March 31st.

AndyC 21 March 2026
The AI Exchange: Innovators in Payment Security Featuring Toast, Inc.

The AI Exchange: Innovators in Payment Security Featuring Toast, Inc.

AndyC 18 March 2026
Spotlight On: Amazon, a New Principal Participating Organization

Spotlight On: Amazon, a New Principal Participating Organization

AndyC 12 March 2026

You may have missed

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

AndyC 15 April 2026
Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

Recovery scammers hit you when you’re down: Here’s how to avoid a second strike

AndyC 15 April 2026
Spotlight On: Stripe, a New Principal Participating Organization

Spotlight On: Stripe, a New Principal Participating Organization

AndyC 15 April 2026
Spotlight On: Stripe, a New Principal Participating Organization

Spotlight On: Stripe, a New Principal Participating Organization

AndyC 15 April 2026

Can Your Wearable Health Monitors Be Compromised?

AndyC 15 April 2026

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.