{"id":4558,"date":"2024-03-29T15:26:00","date_gmt":"2024-03-29T19:26:00","guid":{"rendered":"http:\/\/www.nationaltransaction.com\/credit-card-merchant\/?p=4558"},"modified":"2025-01-17T09:01:11","modified_gmt":"2025-01-17T14:01:11","slug":"pci-dss-security","status":"publish","type":"post","link":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/pci-dss-security\/","title":{"rendered":"PCI\/DSS Security"},"content":{"rendered":"<p data-sourcepos=\"1:1-1:454\">The PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. It was created by the major credit card companies (Visa, Mastercard, American Express, Discover, etc.) 
and is administered by the Payment Card Industry Security Standards Council.<\/p>\n<p>The PCI DSS has 12 main requirements and over 300 sub-requirements that fall into 6 categories:<\/p>\n<ol data-sourcepos=\"5:1-11:0\">\n<li data-sourcepos=\"5:1-5:194\"><strong>Build and Maintain a Secure Network and Systems:<\/strong> This includes installing and maintaining firewalls, changing vendor-supplied defaults, and protecting stored cardholder data.<\/li>\n<li data-sourcepos=\"6:1-6:160\"><strong>Protect Cardholder Data:<\/strong> This involves protecting stored data and encrypting transmission of cardholder data across open, public networks.<\/li>\n<li data-sourcepos=\"7:1-7:193\"><strong>Maintain a Vulnerability Management Program:<\/strong> This includes using and regularly updating anti-virus software and developing and maintaining secure systems and applications.<\/li>\n<li data-sourcepos=\"8:1-8:278\"><strong>Implement Strong Access Control Measures:<\/strong> This involves restricting access to cardholder data by business need-to-know, assigning a unique ID to each person with computer access, and restricting physical access to cardholder data.<\/li>\n<li data-sourcepos=\"9:1-9:221\"><strong>Regularly Monitor and Test 
Networks:<\/strong> This includes tracking and monitoring all access to network resources and cardholder data and regularly testing security systems and processes.<\/li>\n<li data-sourcepos=\"10:1-11:0\"><strong>Maintain an Information Security Policy:<\/strong> This involves maintaining a policy that addresses information security for all personnel.<\/li>\n<\/ol>\n<p data-sourcepos=\"12:1-12:309\">Compliance with PCI DSS is mandatory for all organizations that handle cardholder data. Validation of compliance is performed annually or quarterly, depending on the volume of transactions, and can involve self-assessment questionnaires or audits by qualified security assessors.<\/p>\n<p data-sourcepos=\"14:1-14:326\">The goal of PCI DSS is to protect cardholder data and reduce credit card fraud by ensuring that companies that interact with credit cards maintain a secure environment.<\/p>\n<p data-sourcepos=\"14:1-14:326\">By adhering to the PCI DSS requirements, organizations can help to ensure the safety of their customers&#8217; sensitive information.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that all<\/p>\n<div id=\"more-button\"><a class=\"btn btn-more excerpt-more\" href=\"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/pci-dss-security\/\">Continue 
Reading<\/a><\/div>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4558","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/posts\/4558","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/comments?post=4558"}],"version-history":[{"count":2,"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/posts\/4558\/revisions"}],"predecessor-version":[{"id":5101,"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/posts\/4558\/revisions\/5101"}],"wp:attachment":[{"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/media?parent=4558"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/categories?post=4558"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.nationaltransaction.com\/credit-card-merchant\/wp-json\/wp\/v2\/tags?post=4558"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}