What is PCI DSS?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements for ensuring the security of bank cardholders' payment data while it is processed and transferred.
The standard was developed by the Payment Card Industry Security Standards Council (PCI SSC), established by international payment systems such as Visa, MasterCard, American Express, JCB and Discover.
PCI DSS requirements apply to merchants, banks, service providers of all kinds, retail stores, call centres, payment gateways and other organizations whose activities involve processing, transmitting or storing cardholder data.
The standard contains 12 requirements:
- Computer network protection;
- Configuration of information infrastructure components;
- The security of cardholders’ stored data;
- The security of cardholders’ transmitted data;
- Anti-virus protection of information infrastructure;
- Development and support of information systems;
- Controlling access to cardholder data;
- Authentication mechanisms;
- Physical protection of information infrastructure;
- Information Security Management;
- Logging of events and actions;
- Information infrastructure security control.
The main aspects that PCI DSS is focused on are:
- The security of cardholders’ data.
- Building and maintaining a secure network.
- Implementation of strong access control measures.
- Vulnerability control.
- Development and implementation of the security policy.
How do merchants benefit from PCI DSS compliance?
- Compliance with the requirements of international payment systems;
- Reducing risks from possible disclosure of confidential information;
- Increased customer trust and loyalty.