Store And Forward and PCI DSS
Store And Forward: the process of storing card data at the time of payment for authorization at a later time.
Associations allow temporary storage of card data, including track II data, which under normal conditions cannot be stored.
Storing such card data is simply too much risk exposure. If you need to use Store And Forward, keep it to the minimum data required to create an authorization: card number and expiration.
Ideally, merchants should either not use Store And Forward at all or outsource the process to a PCI DSS compliant provider.
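The data-minimisation advice above, as an added example that is not part of the original post: a track II read is reduced to card number and expiration before anything is queued for later authorization. The names `SafRecord`, `minimise_track2` and `masked` are hypothetical, the track layout is the ISO/IEC 7813 one, and the sample read is constructed from a well-known test card number.

```python
import re
from dataclasses import dataclass, field

# Track 2 layout (ISO/IEC 7813): ;PAN=YYMM + service code + discretionary data + ?
# Only PAN and expiry are captured; the rest is matched but never kept.
TRACK2 = re.compile(r"^;(\d{12,19})=(\d{2})(\d{2})\d{3}\d*\?")

@dataclass(frozen=True)
class SafRecord:
    """Hypothetical offline-queue entry: only what a later authorization needs."""
    pan: str = field(repr=False)   # keep the full number out of repr() and logs
    expiry_yymm: str
    amount_cents: int

def luhn_ok(pan: str) -> bool:
    """Luhn check digit validation, to reject misreads before queuing."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:             # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def minimise_track2(track2: str, amount_cents: int) -> SafRecord:
    """Reduce a Track 2 read to card number + expiration for the queue."""
    m = TRACK2.match(track2.strip())
    # Error messages deliberately never echo the input, so card data
    # cannot leak into logs through an exception trace.
    if m is None:
        raise ValueError("input is not a Track 2 string")
    pan, yy, mm = m.groups()
    if not 1 <= int(mm) <= 12:
        raise ValueError("invalid expiry month")
    if not luhn_ok(pan):
        raise ValueError("card number fails Luhn check")
    return SafRecord(pan=pan, expiry_yymm=yy + mm, amount_cents=amount_cents)

def masked(rec: SafRecord) -> str:
    """First six and last four digits only, for logs and receipts."""
    return rec.pan[:6] + "*" * (len(rec.pan) - 10) + rec.pan[-4:]

# Constructed sample read: test card number, expiry 3012, made-up trailing data.
SAMPLE = ";4111111111111111=3012101123456789?"

if __name__ == "__main__":
    rec = minimise_track2(SAMPLE, 1250)
    print(masked(rec), rec.expiry_yymm, rec.amount_cents)
```

The queued record still holds a full card number, so it has to be encrypted at rest and deleted once the deferred authorization completes.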
Questions about PCI standards?
Two sites with Q&A where you can also ask your questions directly:
- PCI Security Standards Council:
http://selfservice.talisma.com/display/2/index.aspx?c=58&cpc=MSdA03B2IfY15uvLEKtr40R5a5pV2lnCUb4i1Qj2q2g&cid=81&cat=&catURL=&r=0.141856014728546 and enter the portal
Select Submit a Question if needed
- Society of Payment Security Professionals:
http://forum.paymentsecuritypros.com/index.php
Society of Payment Security Professionals Forum
This forum has a great series of Q&A related to PCI DSS standards. Lots of very interesting questions and comments from good people, with lots of answers. http://forum.paymentsecuritypros.com/index.php
PCI DSS
Basics and documents about the PCI Data Security Standard (PCI DSS) - https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml
PA-DSS
Check basics about Payment Application Data Security Standard (PA-DSS) - https://www.pcisecuritystandards.org/security_standards/pa_dss.shtml
PCI Security Standards Council Quick Links
Straight from the source ...
PCI Data Storage Do’s and Don’ts - https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf
Payment Card Industry Security Standards Overview - https://www.pcisecuritystandards.org/pdfs/pcissc_overview.pdf
Ten Common Myths of PCI DSS - https://www.pcisecuritystandards.org/pdfs/pciscc_ten_common_myths.pdf
PCI related webinars - MasterCard
Webinars available at http://www.iian.ibeam.com/events/mast001/24008/
Only a quick registration is needed.
Merchant levels and PCI compliance requirements
Compliance with card security programs is essential when accepting card payments. One of the first steps for a merchant of any size is to define their Merchant Level and the associated PCI compliance actions. The scope of work ranges from completing the PCI Self-Assessment Questionnaire to engaging a QSA (Qualified Security Assessor) and undergoing audits to validate compliance.
See http://usa.visa.com/merchants/risk_management/cisp_merchants.html
What To Do If Compromised
Download "What To Do If Compromised" from Visa http://usa.visa.com/download/merchants/cisp_what_to_do_if_compromised.pdf