My Merchant Account Blog
Payment Card Industry Data Security Standard
Sunday, December 07, 2008
The Payment Card Industry Data Security Standard (PCI DSS) is the global standard that any business of any size should abide by in order to accept credit cards. This includes storing or processing any cardholder data.Businesses should access any type of vulnerability that might pose a compromise of cardholder data. This vulnerability could be in the process or transmission of the cardholder information. It could also be when the card is given to an employee to scan.
Once the vulnerabilities are identified, steps should be taken immediately to fix any vulnerabilities, i.e. software code and updates. All steps should be documented and back-out procedures in place just in case.
Regular reports are required to be submitted to the acquiring bank and card associations. A quarterly scan report is required by a Approved Scanning Vendor (ASV). Businesses that do have a high number of transactions might also be required to have a annual on-site audit by a Qualified Security Assessor (QSA).
Complying with PCI DSS
While the card organizations came together to help form the PCI DSS council to help set the standards, each card association (brand) has its own security program for compliance:- MasterCard Worldwide: Standard Data Protection (SDP)
- American Express: Data Security Operating Policy (DSOP)
- Discover Financial Services: Discover Information Security & Compliance (DISC)
- Visa Incorporated: Cardholder Information Security Program (CISP)
- JCB International: JCB Data Security Program
Comments
Search My Merchant Account Blog
My Merchant Account Blog Categories
- Chargebacks (8)
- Electronic Payment Gateways (6)
- In The News (6)
- LinkPoint Gateway (4)
- Merchant Accounts (32)
- Miscellaneous (17)
- PCI DSS (12)
- Quantum Gateway (8)
- Security (8)
- Web Hosting and Design (5)
My Merchant Account Blog Archives
- January 2010
- December 2009
- September 2009
- August 2009
- May 2009
- April 2009
- January 2009
- December 2008
- September 2008
- April 2008
- March 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
My Merchant Account Blog Recent Entries
- Reducing Fraudulent Transactions in ECommerce with the Quantum Gateway
- Vetting the Transaction - More Options
- Vetting the Transaction - Verified by Visa and MasterCard Secure Code
- Vetting the Transaction - Card Verification Value or Card Identification Number
- Card Verification Value - Card Verification Code - Card Identification Number
- Vetting the Transaction - GeoIP
- Vetting the Transaction - Calling Your Customer
- Vetting the Transaction - Address Verification Service
- First Data Might Be Over Charging Merchants
- Alternative Merchant Account Reseller for LinkPoint - YourPay - First Data Global Gateway
Sign Up for a Merchant Account
Accept Credit Cards with a Merchant Account - No Termination Fee, No Contracts
Merchant Account
Resources Directory
Check out the new
Merchant Account Resources Directory
Feel Free to submit you link!