Read the PCI DSS and weep
PCI is both an intolerable pain in the ass to comply with and completely inadequate at protecting consumers' interests. However, when you look at it, it's all quite reasonable, in the sense that if you're going to write a box-ticking assessment standard to prove a system is secure, then PCI does about as good a job as is possible. There aren't absurd, pointless requirements or obvious omissions.
So the question for any such kitemark is how it compares to PCI. Is it more onerous, in which case no-one will bother? Is it less onerous, in which case it gives no meaningful assurance of anything? Is it the same, in which case no-one will bother and it gives no meaningful assurance of anything?