Most major credit card companies have adopted the Payment Card Industry (PCI) Data Security Standard, which was jointly developed by VISA and MasterCard. Adopters of the standard include American Express, Diners Club, Discover, and JCB International.
According to Qualsys, MasterCard intends to make annual self-assesments and quarterly security scans manditory beginning June 30 for all online members, merchants, and service providers who process more than $125,000 gross per month in credit card transactions.
The PCI standard requires that companies adhere to a specific set of information security requirements or risk heavy fines and face the possibility of becoming barred from processing credit card transactions. Numerous companies already comply with the standard and many security-related companies also provide auditing services and products that help with compliance.
Among the requirements are to maintain a firewall and intrusion detection system, hire an approved third-party auditor to perform quarterly external vulnerability testing, and to monitor file integrity including non-data files. The requirements also the need to render cardholder data unreadable by using one way hash functions, encryption, data truncation, or index tokens. Companies must also maintain an audit trail that dates back at least one year, implement an incident response plan, and much more. The full details of the requirements can be found at VISA's and MasterCard's Web site.
Note: This article was corrected 21 Apr 05 to reflect a correct dollar amount ($125,000) and the requirements for quarterly and annual security audits.
An often irreverent look at some of the week's other news, including a shortened work week thanks to the 4th of July, expensive Windows 7 pricing, Bing's modest monthly gains, IE 8 heading to work, Steve Jobs back at Apple, and so much more ...
Get Mark Minasi’s Windows Server 2008 Audio CDs "Windows expert, consultant and best-selling author Mark Minasi shows you if 2008 is right for you and, if so, how to get the most out of it!
Take Control of Your Email Optimize your email storage – Download this white paper to learn key how-to’s in email storage management.
Get Windows IT Pro To Go! The Windows IT Pro Magazine Master CD is a powerful combination of content and convenience. Order now, and save up to 25%--plus you’ll get online access to new articles each and every month! Subscribe today!
Register
