Great
Security standard determined by lowest common demoninator rather than what's necessary to be a useful and reasonably secure standard.
PCI wasn't a particularly strong standard to begin with. Now they're weakening themselves.
It takes about 15 minutes to get a replacement certificate and swap it out. As somebody else suggested above: if they had an incentive, they could do it.
So bottom line is: PCI is weak and has no teeth.
Biting the hand that feeds IT
