Improving security and cutting fraud
Card schemes – such as MasterCard and Visa – need to make sure merchants have protection in place to deter hackers and criminals. Cardholder data is a tempting target for fraudsters – and there’s been a series of recent high-profile security breaches around the world.
What is PCI DSS?
The PCI Security Standards Council manages the security standards for the payment cards industry. The council was formed by Visa, MasterCard, American Express, and Discover.
It works across five main areas:
- Develop and maintain a global, industry-wide technical data security standard to protect card-holders’ account information
- Reduce costs and lead times to implement the Data Security Standard. The council works to establish and ensure compliance with common technical standards and audit procedures
- Providing a list of globally available, qualified security solution providers on its web site to help the industry become compliant.
- Lead training, education, and a streamlined process for certifying Qualified Security Assessors (QSAs) and Approved Scanning Vendors (ASVs). This provides a single source of approval recognized by all five founding members.
- Provide a transparent forum, where all stakeholders can contribute to the ongoing development, enhancement and dissemination of data security standards.
General Documents
- PCI Security Standards Council
- Visa Card Information Security Program (CISP)
- Visa Merchant Levels Defined
- The MasterCard Site Data Protection Program (SDP)
- MasterCard Merchant Levels Defined
- American Express Data Security Operating Policy (DSOP)
- American Express Merchant Levels Defined
- Discover Information Security & Compliance (DISC)
