What Is The Payment Card Industry DSS?

The Payment Card Industry Data Security Standard ( PCI DSS ) is a set of requirements developed to reduce credit card fraud and increase data security. This industry standard affects every company that deals with card payment transactions. The PCI DSS requires companies to:

• Build and maintain secure network architecture
• Demonstrate that cardholder data security programmes are in place
• Maintain a vulnerability management programme
• Implement strong access restriction measures
• Peform regular security risk assessment and monitoring
• Maintain an information security policy

WHO DOES PCI DSS AFFECT?

Every on-line retailer, payment service provider or other organisation participating in the transaction process or saving credit card information is now required to achieve PCI DSS compliance.

WHAT ARE THE CONSEQUENCES OF NON-COMPLIANCE?

Companies who do not comply may be subject to:

• increased processing fees
• a bar on processing credit card transactions
• fines of up to £250,000 ($500,000) for each instance of non-compliance

HOW CAN 7SAFE HELP?

7Safe have unrivalled expertise in providing impartial data security services. Unlike many other data security companies, we have been awarded Qualified Security Assessor (QSA) status by the PCI Security Standards Council. Our consultants are experts in all aspects of Payment Card Industry DSS compliance, including: pre-compliance assessment; security risk assessment (to assess your company’s vulnerability to security breaches); incident response (including forensics); specialist training courses, and compliance auditing. What’s more, 7Safe is vendor-neutral. We don’t sell IT security products, so we won’t be pushing you to buy expensive extras.

CORE PAYMENT CARD INDUSTRY DSS PRINCIPLES AND REQUIREMENTS