Maximizing Connectivity & Productivity

PCI DSS 3.0 Making Compliance a part of your business

PCI DSS Compliance will be Mandatory by January 1, 2015

What is PCI DSS?

PCI DSS stands for Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) was created to protect credit cardholder data, and it is now on version 3.0. The PCI DSS version 3.0 encompasses twelve requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures. These requirements are grouped into six major categories.
In total, the PCI DSS has 6 domains, 12 requirements, and 200 detailed sub-requirements.

These major domains are:
1. Build and maintain a secure network.
2. Protect cardholder data.
3. Maintain a vulnerability management program.
4. Implement strong access control measures.
5. Regularly monitor and test networks.
6. Maintain an information security policy.

Who needs to be PCI compliant and why?

Since this is a global standard, PCI DSS should apply to any store or entity worldwide that processes or transmits cardholder data. This includes all financial institutions, merchants, and service providers in all payment channels.
Financial institutions include banks, insurance companies, lending agencies, and brokerages.
Merchants include restaurants, retailers (brick-and-mortar, mail/telephone order, e-commerce), transportation operators, and virtually any point-of-sale that processes credit cards across all industries.
Examples of service providers include transaction processors, payment gateways, customer service entities (i.e. call centers), managed service providers, web hosting providers, data centers, and Independent Sales Organizations.


Mississauga, ON, Canada 905.607.3500