Vectra Information Security
Payment Card Industry (PCI)
- Data Security Assessment
- Application Security Assessment
Why do you need it?
Data security is not a new issue and facilitating the protection of cardholder data has long been a priority for all Payment Card Companies.
The Payment Card Industry Standard (PCI), sponsored by a collaboration between Visa International, MasterCard Worldwide, American Express Co., Morgan Stanley's Discover Financial Services and JCB Co. of Japan, is an effort to protect consumer information and fight Internet fraud through required best practices for securing credit card data that is stored, processed or transmitted.
This Security Standard also addresses the concerns of merchants and acquirers (financial institutions that enable merchants to accept Visa cards for payment) about having to meet more than one set of standards to accomplish a single goal.
Who needs it?
The Payment Card International (PCI) Security Standards Council will manage the PCI Data Security Standard, with the intention of making its implementation more efficient for all parties involved in a payment card transaction. That includes merchants, payment processors, point-of-sale vendors, financial institutions and more than a billion card holders worldwide. All merchants and service providers who process, store and transmit credit card transaction data must comply with PCI regulations.
To achieve compliance, merchants and service providers must adhere to PCI Security Standards, which offer a single approach to safeguarding sensitive data for all card brands.
The Payment Card Industry Data Security Standard is a framework of twelve basic requirements supported by more detailed sub-requirements.
Can I ignore it?
PCI is the industry's most complete regulatory compliance reporting. Visa and MasterCard require retailers -- banks, merchants and member service providers -- to comply with the Payment Card Industry (PCI) Data Security Standard to help ensure the security and privacy of their members' confidential information. Requirement number six of the PCI requirements states that organizations must develop and maintain secure systems and applications.
Failure to comply may result in fines of S$500,000, restrictions or permanent expulsion from card acceptance programs.
Who can help you?
Vectra Information Security and Vectra Corporation are proud to have a team of Qualified Security Assessors, having met the requirements to perform both PCI Data Security Assessments and PCI Application Security Assessments.
PCI security assessments are conducted by Qualified Security Assessors (QSAs) who have in-depth experience in market and compliance requirements.
The Standards, Best Practices, Guides, Tools and Links:
- PCI security audit procedures
- Additional information required for security reviews conducted by non-Visa QSAs
- Incident response procedure for account compromise
- AIS FAQ
- Payment Card Industry (PCI) Data Security Standards: English, Traditional Chinese, Simplified Chinese
- PCI Self-Assessment Questionnaire: English, Traditional Chinese, Simplified Chinese
- PCI Security Scan Procedures: English, Traditional Chinese, Simplified Chinese
- Merchants’ requirements for securing cardholder: English, Traditional Chinese, Simplified Chinese, Korean, English Insert
In the event of a suspected breach, both Visa and MasterCard stipulate that immediate action must be taken to notify them, and to limit exposure and theft of personal information.
We are also a provider of investigative and forensic experience, and can help you prepare for, manage and respond to any actual or suspected occurrence of a computer security incident.
For more information, please contact us.
Copyright © 2006. Vectra Information Security Pte Ltd. All Rights Reserved.
Designated trademarks, pictures and brands are the property of their respective owners.