1 Payment Card Industry (PCI) Security Standard
Developed by the PCI Security Council formed by major card issuers: Visa, MasterCard, American Express, Diners Club, JCB International and Discover Card.
All issuing financial institutions and merchants that take credit card transactions on the Internet have to comply.
Failure to comply may lead to financial penalty.
Chan

2 PCI Security Standard
Visa and MasterCard require major merchants and IT service organizations (over 1 million transactions annually or over 20,000 eTransactions annually) to have an annual external validation for compliance.

3 PCI Standards
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor supplied defaults for system passwords and other security parameters.
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across the Internet

4 PCI Standards
5. Use regularly updated anti-virus software
6. Develop and maintain secure systems and applications
7. Restrict access to cardholder data by business on a need-to-know basis
8. Assign a unique ID to each person with computer access

5 PCI Security Standard
9. Restrict physical access to cardholder data
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
12. Maintain a policy that addresses information security

6 Review Questions
1. What kinds of organizations are required to provide an annual external validation of compliance with the PCI Security Standard?
Organizations that process > 1 million transactions or 20,000 eTransactions annually

7 MC Question
Which organization is most likely exempted from obtaining external scanning for compliance with the PCI Security Standard?
A. Sony
B. Amazon
C. Boeing
D. Walmart

8 MC Question
What kind of access to cardholder data must be monitored by Best Buy?
A. Update
B. All
C. External
D. Create

9 MC Question
Who makes up the PCI Security Council?
A. Banks
B. Major credit card issuers
C. Governments
D. Central banks

10 MC Question
What is the maximum number of digits in a credit card number that can be displayed to a customer or a merchant?
A. First 6 and last 4
B. First 6
C. Last 4
D. First 4 and last 4

11 MC Question
How is the PIN verified?
A. Comparing the keyed PIN to the database
B. Comparing the keyed in value to the hash of the credit card number
C. Calculating the PIN offset based on decrypting the keyed in PIN and comparing the calculated PIN offset to the stored PIN offset.

