Security - PCI DSS
2011.05.16
What is PCI DSS? Why is it important?
The PCI DSS (Payment Card Industry Data Security Standards) is the collection of security procedures developed and introduced by the card companies in order to guarantee the security of online purchases made with bank cards.
Why is it important to operate according to the standard?
Because operating according to the standard guarantees the maximum security of the participants of online payments in an environment, where abuses connected to electronic payment are the most widespread. The market leading card companies - MasterCard, Visa, JCB, AmEx – developed the Payment Card Industry Data Security Standard (PCI DSS) together in 2004 to eliminate the dangers connected to fraud and the theft of personal data.
Based on contracts signed with card companies, the standard requires all organizations engaged in handling, transferring or storing bank card data to fulfill a number of strict, information-security requirements. The PCI DSS regulation is one of the most important systems of compliance requirements, which is applicable to financial institutions, credit-, and bank card processors and merchants engaged in operating internet sale points. The standard requires the concerned organizations to act in compliance with more than 160 strict data security requirements, defined in detail and to regularly verify their compliance by acquiring certificates. The system of requirements is comprehensive, because while it suffices for the attackers to find a single weak point, the defenders must protect all points.
The application of the PCI DSS standard is required by the card issuers in order to secure online bank card payments.