PCI DSS

The security of cardholders' personal information and card data against unauthorized
persons is key to the successful operation of an “e-commerce payment system”. Card
Issuing Banks therefore place serious emphasis on the security of payment gateway
infrastructure. To achieve its objectives, the Payment Card Industry (PCI), a
body of Card Issuing Banks, met and decided to put in place a standard routine
security process that payment gateway systems must comply with.

It also agreed that the process be updated annually for compliance. A 6-step rule
called the Payment Card Industry Data Security Standard (PCI DSS) was then
outlined, which a payment gateway system must satisfy as a condition for
operational recognition. The rules, it is believed, will minimize or eliminate
e-commerce payment fraud and provide protection for businesses involved in
e-commerce payment systems.

The PCI DSS rules below are an adapted extract from the Visa Inc. web site and are
presented purely in appreciation of the efforts of stakeholders in tackling e-payment fraud.

PCI DSS Regulations

  • Build and Maintain a Secure Network

Install and maintain a firewall configuration, with a personalized password, for
the protection of cardholders' data and other security parameters.

  • Protect Cardholder Data

Where necessary, cardholder data stored on the payment gateway server must be
protected. The data must also be encrypted in transmission across open
networks.

  • Maintain a Vulnerability Management Program

Install anti-virus software and ensure it is regularly updated. Develop and
maintain secure systems and payment gateway applications.

  • Implement Strong Access Control Measures

Access to cardholder data (online or offline) must be on a need-to-know basis, and
personnel with access to the data must be assigned a unique ID and password.

  • Regularly Monitor and Test Networks

Track and monitor all access to network resources and cardholder data. Develop
routine tests of your security systems and processes.

  • Maintain an Information Security Policy

Put in place a policy that regularly addresses issues relating to information
security, which must be adhered to by your personnel and associates in the
business.

Cardholders and web surfers equally have a responsibility to cover their tracks as
they log in or fill in sensitive forms online. Installing antivirus software is
essential for protecting the web browser, to avoid falling victim to fraudsters
who phish the internet. Antivirus protection prevents unwanted internet
intruders from accessing personal data and important information.

One thought on “PCI DSS”

  1. Thanks for the tips you have contributed here. Another thing I would like to express is that personal computer memory needs generally rise along with other advancements in the technological know-how. For instance, when new generations of processor chips are made in the market, there is certainly usually a matching increase in the scale preferences of both the laptop or computer memory as well as hard drive room. This is because the software operated by way of these processors will inevitably boost in power to make use of the new know-how.
