PCI DSS
Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded debit/credit cards from the major card schemes.
The PCI Standard is defined by the card brands and managed by the Payment Card Industry Security Standards Council.
What are the benefits of PCI DSS compliance?
- Security improvement – Reduces the risk of data breaches
- Peace of mind for you and your customers
- Boost in customer confidence, and thus better customer relationships
- Increasing profits through improved brand reputation
- Compliance helps avoid expensive fines
Who needs PCI DSS compliance?
PCI DSS compliance is a requirement for merchants and other organizations that store, process and/or transmit cardholder data.
Every payment card brand has recommended certain requirements for compliance validation and reporting.
To put it in simple terms, PCI compliance is required of companies that use payment cards, to make online transactions secure and protect them against identity theft.
What are the requirements of PCI DSS Compliance?
The 12 critical requirements defined by PCI DSS are a set of security controls that organizations have to implement to protect debit and credit card data and comply with the standard.
The specific requirements are defined and managed by the Payment Card Industry (PCI) Security Standards Council.
Major aspects of PCI DSS requirements are as follows:
- Build and maintain a secure network
  - Install and keep an updated firewall configuration to protect cardholder data
  - Never use vendor-supplied defaults for system passwords and other security parameters
- Protect cardholder data
  - Secure stored cardholder data
  - Cardholder data transmission must be encrypted across open, public networks
- Maintain a vulnerability management program
  - Antivirus software must be regularly updated
  - Develop and maintain secure systems and applications