PCI Quick Guide

  • Topic: PCI DSS, Security, Payment Card Industry Data Security Standard
  • Pages : 41 (7658 words )
  • Published : December 19, 2012
PCI Quick Reference Guide
Understanding the Payment Card Industry Data Security Standard version 1.2

For merchants and organizations that store, process or transmit cardholder data

Copyright 2008 PCI Security Standards Council, LLC. All Rights Reserved. This Quick Reference Guide to the PCI Data Security Standard is provided by the PCI Security Standards Council to inform and educate merchants and other organizations that process, store or transmit cardholder data. For more information about the PCI SSC and the standards we manage, please visit www.pcisecuritystandards.org.

The intent of this document is to provide supplemental information, which does not replace or supersede PCI Security Standards Council standards or their supporting documents. Full details can be found on our Web site.

03/09

Contents
Introduction: Protecting Cardholder Data with PCI Security Standards
Overview of PCI Requirements
PCI Data Security Standard (PCI DSS)
Payment Application Data Security Standard (PA DSS)
PIN Transaction Security Requirements (PTS)
Security Controls and Processes for PCI DSS Requirements
Build and Maintain a Secure Network
Protect Cardholder Data
Maintain a Vulnerability Management Program
Implement Strong Access Control Measures
Regularly Monitor and Test Networks
Maintain an Information Security Policy
Compensating Controls for PCI Security
How to Comply with PCI DSS
Choosing a Qualified Security Assessor (QSA)
Choosing an Approved Scanning Vendor (ASV)
Using the Self-Assessment Questionnaire (SAQ)
Reporting
Web Resources
About the PCI Security Standards Council

This Guide provides supplemental information that does not replace or supersede PCI DSS version 1.2 documents.

Introduction: Protecting Cardholder Data with PCI Security Standards
The twentieth century U.S. criminal Willie Sutton was said to rob banks because “that’s where the money is.” The same motivation in our digital age makes merchants the new target for financial...