Friday, June 1, 2012

Secure your payment system with PCI DSS

By James Richy


If your store accepts credit card payments from customers, it will do you good to know about PCI DSS. PCI DSS stands for Payment Card Industry Data Security Standard. It is basically a list of rules, norms, guidelines and controls developed to strengthen e-commerce security. Every day millions of credit card transactions take place across the globe, and people divulge their credit information to make their payments in the belief that their data is safe with the people with whom they are dealing. Hence it is of paramount importance that those who regularly accept credit cards from customers follow the rules, controls and measures of PCI DSS.

There are a total of 12 requirements that you need to comply with to secure your online deals with customers. These rules are as follows: first, you will have to install and maintain a firewall configuration to protect cardholder data; it is advisable not to use vendor-supplied defaults for passwords and other security parameters; you must take adequate steps to protect the stored cardholder data.

Five major credit card companies (MasterCard Worldwide, Visa International, American Express, Discover Financial Services and JCB) developed this system. The PCI DSS standard was developed to bring about uniformity and consistency in data security measures. PCI DSS works towards building and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures, regularly monitoring and testing networks, and maintaining an information security policy. If you handle, store and process credit or debit card data, it is essential that you take immediate steps to comply with these guidelines.

Cardholder data should be accessible only to those who need to know it for business purposes; you should assign a unique ID to each person who has access to cardholder data so that you can easily track the employee in case of any fraud; there should be physical restrictions on access to cardholder data; you should have a proper system in place to track and monitor all access to network resources and cardholder data; make it a point to test your security system at intervals to rule out the chance of any loopholes creeping in and remaining in the system undetected; and frame a policy that covers every area of the online payment process and its security.

Credit card fraud is a reality, and every day thousands of customers are robbed of their valuable credit card information. PCI DSS helps to deal with this issue in a holistic way, so that every possible area is covered and immediate constructive steps can be taken in case of any security breach. Proper cooperation between the PCI SSC, credit card brands, acquirers and covered parties in complying with PCI DSS standards will help to minimize the threat of security breaches.



