Payment Card Industry Data Security Standard

From Computing and Software Wiki

(Difference between revisions)
Jump to: navigation, search
(Threats)
(Threats)
Line 3: Line 3:
== Security System Life Cycle ==
== Security System Life Cycle ==
=== Threats ===
=== Threats ===
-
The main threat to the Payment Card Industry as a whole is more of a threat to the card holders than the industry itself.  The card holders are taking a chance whenever they use their credit cards in order to make a purchase.  Everytime a purchase is made, there is a chance that the card holders information will be stolen. If card holders don't trust that their information is secure then they will stop using their credit cards and the Payment Card Industry will suffer because of it.   
+
<P>The main threat to the Payment Card Industry as a whole is more of a threat to the card holders than the industry itself.  The card holders are taking a chance whenever they use their credit cards to make a purchase.  This threat is not only present when purchasing online, but also when purchasing in stores.  The threat originates from a lack of industry wide standards on how card holder information should be stored, processed or transmitted.</P>
-
This is why Security Policies are extremely important to the Payment Card Industry.
+
 
 +
<P>This security threat directly affects the Payment Card Industry because if cardholders don't trust that their information is secure, then they will not use their credit cards and hence the Payment Card Vendors loose business.  This is why the Payment Card Industry is moving forward with their industry wide standard for security, the Payment Card Industry Data Security Standard.</P>
=== Policy ===
=== Policy ===

Revision as of 23:43, 1 December 2007

The Payment Card Industry Data Security Standard (PCI DSS) is a security document created by the Payment Card Industry Security Standards Council (PCI SSC). To make the explanation of the PCI DSS a bit more interesting, I will be presenting it as an Industry Wide security do

Contents

Security System Life Cycle

Threats

The main threat to the Payment Card Industry as a whole is more of a threat to the card holders than the industry itself. The card holders are taking a chance whenever they use their credit cards to make a purchase. This threat is not only present when purchasing online, but also when purchasing in stores. The threat originates from a lack of industry wide standards on how card holder information should be stored, processed or transmitted.

This security threat directly affects the Payment Card Industry because if cardholders don't trust that their information is secure, then they will not use their credit cards and hence the Payment Card Vendors loose business. This is why the Payment Card Industry is moving forward with their industry wide standard for security, the Payment Card Industry Data Security Standard.

Policy

Security System Development

Requirements Specifications

Design/Implementation

Operation and Maintenance

Summary

References

See Also

Electronic Voting Systems
Social engineering
Piggybacking
Identity Theft
The Mitnick attack
Security and Storage Mediums
Operating Systems Security
Honeypot

Personal tools