Payment Card Industry (PCI)

PCI - Credit card security/privacy regulations defined by the Payment Card Industry. Their evolving Data Security_ Standard (DSS) is critical to ecommerce.

[Category=Data Quality ]

Stibo Systems, 26 May 2011 08:00:16, http://www.stibosystems.com/US/Resources/Glossary/F.aspx

---

These advertisers support this free service

---

Payment Card Industry (PCI) Data Security Standard - The Payment Card Industry (PCI) Data Security_ Standard is an industry regulation developed by VISA, MasterCard and other bank card distributors. It requires organizations that handle bank cards to conform to security standards and follow certain leveled requirements for testing and reporting. MasterCard markets the program as their Site Data Protection (SDP) Program and VISA markets it as their Cardholder Information Security Program (CISP).

The Standards rely on the merchant banks to enforce them and they may do so with penalties for non-compliance and disclosures caused by non-compliance.

Although all companies that collect credit card information, including service providers, have to be compliant, the Standards have more stringent audit and reporting requirements for larger merchants. Four levels of testing and reporting are described. In some cases, the assessors and the companies who do the external network scans must be certified by VISA or MasterCard.

[Category=Geospatial ]

Source: RSA, 20 August 2011 09:19:36, http://www.rsa.com/glossary/