Preview

Pci Quick Guide

Powerful Essays
Open Document
Open Document
7658 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Pci Quick Guide
PCI Quick Reference Guide
Understanding the Payment Card Industry
Data Security Standard version 1.2

For merchants and organizations that store, process or transmit cardholder data

Contents

Copyright 2008 PCI Security Standards Council, LLC. All Rights Reserved.
This Quick Reference Guide to the PCI Data Security Standard is provided by the PCI Security
Standards Council to inform and educate merchants and other organizations that process, store or transmit cardholder data. For more information about the PCI SSC and the standards we manage, please visit www.pcisecuritystandards.org.
The intent of this document is to provide supplemental information, which does not replace or supersede PCI Security Standards Council standards or their supporting documents. Full details can be found on our Web site.

03/09

Contents
Introduction: Protecting Cardholder Data with PCI Security Standards ................................... 4
Overview of PCI Requirements ...................................................................................................................... 6
PCI Data Security Standard (PCI DSS).................................................................................................... 8
Payment Application Data Security Standard (PA DSS).................................................................. 10
PIN Transaction Security Requirements (PTS) .................................................................................... 10
Security Controls and Processes for PCI DSS Requirements ............................................................. 11
Build and Maintain a Secure Network................................................................................................... 12
Protect Cardholder Data ............................................................................................................................ 14
Maintain a Vulnerability Management Program
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Lab 9
    • 1001 Words
    • 3 Pages

    Lab 9

    6. What are some options according to PCI DSS to protect external facing web applications from known attacks?…

    • 1001 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    PCI DSS and the seven domains
    • 565 Words
    • 2 Pages

    PCI DSS and the seven domains

    *Note: If third party is to host the payment process and procedure. They will be responsible to uphold the PCI DSS standards, they will be held liable if failure to maintain compliance.…

    • 565 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Is3440 Project Part 1
    • 3157 Words
    • 13 Pages

    Is3440 Project Part 1

    All security requirements for SOX, PCI-DSS, and GLBA can be achieved using Linux and open source infrastructure. Some examples of open source software that we might use are:…

    • 3157 Words
    • 13 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Nt1310 Unit 3 Assignment 3
    • 4996 Words
    • 20 Pages

    Nt1310 Unit 3 Assignment 3

    Appendix A is not a part of the requirements of this NFPA document but is included for informational purposes only. This appendix…

    • 4996 Words
    • 20 Pages
    Powerful Essays
    Read More
  • Good Essays

    Nt1330 Unit 3 Assignment 1
    • 801 Words
    • 4 Pages

    Nt1330 Unit 3 Assignment 1

    This report gives a brief description the general security solutions planned for the safety of data and information that belongs to the organization. The outline will provide elements of a multi-layered security plan, and will indicate a general security solution for each of the seven domains of a typical IT infrastructure. Also I will describe a layer of security for each of the seven domains.…

    • 801 Words
    • 4 Pages
    Good Essays
    Read More
  • Powerful Essays

    139949 Level 2 Unit Hsc 2002 Provide Support For Mobility Exemplar Candidate Work 1
    • 3301 Words
    • 14 Pages

    139949 Level 2 Unit Hsc 2002 Provide Support For Mobility Exemplar Candidate Work 1

    commentary. While the exemplars are intended to be useful in interpreting the specification’s Assessment Criteria,…

    • 3301 Words
    • 14 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Project part 6
    • 406 Words
    • 2 Pages

    Project part 6

    PCI DSS stands for Payment Card Industry Data Security Standard. PCI DSS originally began as five different programs: Visa, MasterCard, American Express, Discover and JCB data security programs. Each company creates an additional level of protection for card issuers by ensuring that merchants meet minimum levels of security when they store, process and transmit cardholder data. PCI DSS specifies 12 requirements for compliance, organized into six logically related groups called control objectives. Each version of PCI DSS has divided these 12 requirements into a number of sub-requirements differently, but the 12 high level requirements have not changed since the inception standard. The control objectives are Build and maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test networks and maintain an information security policy. The requirements for compliance are, install and maintain a firewall configuration to protect card holder data, do not use vendor-supplied defaults for system passwords and other security parameters, protect stored cardholder data, encrypt transmission of cardholder data across open public networks, use and regularly update anti-virus software on all systems commonly affected by malware, develop and maintain secure systems and applications, restrict access to cardholder data by business need-to-know, assign a unique ID to each person with computer access, restrict…

    • 406 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    ASOKA DBQ Outline
    • 344 Words
    • 3 Pages

    ASOKA DBQ Outline

    Details provided may not be specific, may be irrelevant or inaccurate OR only one detail is provided…

    • 344 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Overlook Video Stores Inc
    • 5129 Words
    • 17 Pages

    Overlook Video Stores Inc

    The second purpose of this memo, as per your request, is to specifically address the…

    • 5129 Words
    • 17 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Irp - Community and Fam Studies
    • 588 Words
    • 3 Pages

    Irp - Community and Fam Studies

    Appendix: All information that was relevant and useful but not critical to report. All should be number and labelled.…

    • 588 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    Unit 1 Assignment 1
    • 286 Words
    • 1 Page

    Unit 1 Assignment 1

    In today’s era, everyone pays with credit cards or debit cards. This healthcare organization will need to be PCI DSS compliant. PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The Council is responsible for managing the security standards, while compliance with the PCI Security Standards is enforced by the payment card brands.…

    • 286 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Powerful Essays

    Office 365 White Paper
    • 3872 Words
    • 16 Pages

    Office 365 White Paper

    © 2013 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.…

    • 3872 Words
    • 16 Pages
    Powerful Essays
    Read More
  • Good Essays

    Principles Of Compliance And Accountability Act (HIPAA)
    • 671 Words
    • 3 Pages

    Principles Of Compliance And Accountability Act (HIPAA)

    It was created by the PCI Security Standard Council in which several major credit card companies gave input. The PCI DDS was established to ensure that the Name, Credit card number, expiration date and security code was not compromised in any way. There are several requirements and many more principles that are part of these requirements. Building and maintaining a secure network: install and maintain a firewall, and do not use defaults, such as in passwords. Protecting the cardholder data: protecting the stored data and using encrypted transmissions. Maintain a Vulnerability Management program: use and update antivirus software and develop and maintain secure systems. Implement strong access control measures: restrict access to data, use unique logons for each user, and restrict physical access. Regularly monitor and test networks: track and monitor all access to systems and data and regularly test security. Maintain an Information security policy: maintain a security policy. Merchants using credit cards must comply with the standards and regulations of PCI DSS and is monitored by the acquirer. This is a three part process. First the merchant assess by identifying an existing cardholder and then analyzing the data and checks for vulnerabilities. Second the merchant Remediates by correcting any vulnerabilities and storing data…

    • 671 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    The Power of God
    • 25712 Words
    • 103 Pages

    The Power of God

    © 2007 Copyright Hewlett-Packard Development Company, L.P. Edition 1, 2/2007 Reproduction, adaptation or translation without prior written permission is prohibited, except as allowed under the copyright laws. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved. License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD4 Message-Digest Algorithm" in all material mentioning or referencing this software or this function. License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Data Security, Inc. MD4 Message-Digest Algorithm" in all material mentioning or referencing the derived work. RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind. These notices must be retained in any copies of any part of this documentation and/or software.…

    • 25712 Words
    • 103 Pages
    Good Essays
    Read More
  • Best Essays

    Information Security Policy
    • 3396 Words
    • 14 Pages

    Information Security Policy

    Sunica Music and Movies is a company that currently has four locations. This business is ready to improve the way they do business by implementing a computerized network that will allow for centralized accounting and inventory as well as starting a web-based e-commerce site. The following document provides an in-depth look at the implementation of policy and procedures that will help this transition to become successful.…

    • 3396 Words
    • 14 Pages
    Best Essays
    Read More

Related Topics