PCI Compliance

The Payment Card Industry, which includes MasterCard and Visa, has defined a standard for securing cardholder data, wherever it is located.

Compliance is required of all entities storing, processing, or transmitting cardholder data. This includes banks, online merchants and Member Service Providers (MSPs). In order to protect cardholder information, anyone handling cardholder data must adhere to the set of agreed-upon security standards.

The Payment Card Industry security standard (PCI) includes MasterCard's Site Data Protection (SDP) program and Visa's Cardholder Information Security Program (CISP).

What is required of a PCI compliant company

There are many requirements set for a PCI compliant company. These requirements are organized into six general categories called 'control objectives.' These objectives include:

  • Build and Maintain a Secure Network
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy