The PCI Data Security Standard
The PCI Data Security Standard is a set of comprehensive requirements for enhancing payment account data security. It was developed by the founding payment brands of the PCI Security Standards Council, including Visa, MasterCard, American Express, Discover Financial Services and JCB, to help facilitate the broad adoption of consistent data security measures on a global basis.
The PCI DSS includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organisations proactively protect customer account data.
The number of transactions taken annually dictates the level of compliance needed. Merchant levels range from 1 to 4: level 1 requires quarterly scans and a full annual audit, while level 4 requires an annual scan and the submission of a self-completed form.
There are 12 requirements within the PCI Data Security Standard regulations which apply to all levels of merchant. These fall under six main headings:
- Build and maintain a secure network
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Restrict physical access to cardholder data
- Regularly test security systems and processes
Further details of the exact requirements can be found using the following links:
The PCI Data Security Standards Council - a link to the founding payment brands' site