• News And Announcements
  • Payment Card Industry News And Announcements
  • Payment Card Industry Security Incidents
• Payment Card Industry Data Security Standard Frequently Asked Questions (PCI DSS FAQ)
  • Build and Maintain a Secure Network
    • [PCI_DSS] Requirement 1: Install and maintain a firewall configuration to protect cardholder data
    • [PCI_DSS] Requirement 2: Do not use vendor-supplied defaults for system passwords and other security
  • Protect Cardholder Data
    • [PCI_DSS] Requirement 3: Protect stored cardholder data
    • [PCI_DSS] Requirement 4: Encrypt transmission of cardholder data across open, public networks
  • Maintain a Vulnerability Management Program
    • [PCI_DSS] Requirement 5: Use and regularly update anti-virus software
    • [PCI_DSS] Requirement 6: Develop and maintain secure systems and applications
  • Implement Strong Access Control Measures
    • [PCI_DSS] Requirement 7: Restrict access to cardholder data by business need-to-know
    • [PCI_DSS] Requirement 8: Assign a unique ID to each person with computer access
    • [PCI_DSS] Requirement 9: Restrict physical access to cardholder data
  • Regularly Monitor and Test Networks
    • [PCI_DSS] Requirement 10: Track and monitor all access to network resources and cardholder data
    • [PCI_DSS] Requirement 11: Regularly test security systems and processes.
  • Maintain an Information Security Policy
    • [PCI_DSS] Requirement 12: Maintain a policy that addresses information security
  • Appendix A: PCI DSS Applicability for Hosting Providers
    • Requirement A.1: Hosting providers protect cardholder data environment
• PA-DSS - Payment Application Data Security Standards
  • [PA_DSS] 1. Do not retain full magnetic stripe, card validation code or value (CAV2, CID, CVC2, CVV
  • [PA_DSS] 2. Protect stored cardholder data
  • [PA_DSS] 3. Provide secure authentication features
  • [PA_DSS] 4. Log payment application activity
  • [PA_DSS] 5. Develop secure payment applications
  • [PA_DSS] 6. Protect wireless transmissions
  • [PA_DSS] 7. Test payment applications to address vulnerabilities
  • [PA_DSS] 8. Facilitate secure network implementation
  • [PA_DSS] 9. Cardholder data must never be stored on a server connected to the Internet
  • [PA_DSS] 10. Facilitate secure remote software updates
  • [PA_DSS] 11. Facilitate secure remote access to payment application
  • [PA_DSS] 12. Encrypt sensitive traffic over public networks
  • [PA_DSS] 13. Encrypt all non-console administrative access
  • [PA_DSS] 14. Maintain instructional documentation and training programs for customers, resellers, an
• test
  • test2
  • Comments

vBulletin® v3.7.4, Copyright ©2000-2008, Jelsoft Enterprises Ltd.