PCI DSS
- Installation of firewalls
- Encryption of data transmissions
- Use of anti-virus software
Secure network
- A firewall configuration must be installed and maintained
- System passwords must be original (not vendor-supplied)
- Stored cardholder data must be protected
- Transmissions of cardholder data across public networks must be encrypted
- Anti-virus software must be used and regularly updated
- Secure systems and applications must be developed and maintained
- Cardholder data access must be restricted to a business need-to-know basis
- Every person with computer access must be assigned a unique ID
- Physical access to cardholder data must be restricted
- Access to cardholder data and network resources must be tracked and monitored
- Security systems and processes must be regularly tested
- A policy dealing with information security must be maintained
- Promote use of credit cards with a promise to secure card transactions.
- Protect merchants’ profits from unauthorized use and credit card fraud.
- Improve brand image and trustworthiness of merchants and service providers.
- Prevent and reduce the frequency of data loss, and reduce cost of restoration.
Recent Comments