Payment Card Industry Data Security Standard (PCI DSS)

 A mandatory set of rules which are aimed at reduction of fraud within the Payment System.

How does Payment Card Industry Data Security Standard work?

The PCI DSS is mandated by the Card Networks and is administered by Payment Card Industry Security Standards Council (PCI SSC). Mastercard, Visa, Discover, JCB, and American Express created PCI SSC in order to reduce fraud occurring within the Payment System. The first version of PCI DSS was passed in 2004, these rules are updated from time to time as to represent the developments present in the Payment System. 

PCI DSS specifies twelve requirements which are organised into six groups titled ‘control objectives’. Control objectives are following: 1. Build and Maintain a Secure Network and Systems; 2. Protect Cardholder Data; 3. Maintain a Vulnerability Management Program; 4. Implement Strong Access Control Measures; 5. Regularly Monitor and Test Networks; 6. Maintain an Information Security Policy.

Other articles