PCI DSS
What is PCI DSS?
PCI DSS (Payment Card Industry Data Security Standard) is a joint effort by five international credit card brands (JCB, American Express, Discover, MasterCard, and VISA) to safely protect credit card information and transaction information handled by our company. This is a global security standard for the credit industry, established by . Our company uses this as part of our security measures to protect the important information we handle.
Having an information security policy
PCI DSS stipulates the following 12 requirements.
Building and maintaining secure networks and systems
- Install and maintain a firewall to protect cardholder data
- Avoid using vendor-supplied default values for system passwords and other security parameters
Protecting cardholder data
- Protect stored cardholder data
- Encrypt cardholder data when transmitted over open public networks
Maintaining a vulnerability management program
- Protect all systems against malware and update antivirus software regularly
- Develop and maintain highly secure systems and applications
Introducing strong access control methods
- Restrict access to cardholder data to the extent necessary for business purposes
- Identify and authenticate access to system components
- Restrict physical access to cardholder data
Regular network monitoring and testing
- Track and monitor all access to network resources and cardholder data
- Test your security systems and processes regularly
Maintaining information security policy
- Maintain policies that address information security for all personnel
Membership in PCI SSC (Payment Card Industry Security Standards Council, LLC)
We are a member of PCI SSC, which is jointly operated by five international payment brands. PCI SSC is operated for the purpose of continuous development and operation/management of PCI DSS.