Visa, MasterCard, American Express, Diner's Club, Discover, and JCB collaborated to create a new set of standards based on CISP (Cardholder Information Security Policy), and known as the Payment Card Industry Data Security Standard (PCI). All merchants and service providers that handle, transmit, store or process information concerning any of these cards, or related card data, are required to be compliant with PCI or face contract penalties or even termination by the credit card issuers. The primary purpose of this standard is to protect credit card data by reducing fraud and theft. The PCI standard seeks to accomplish this through a "Defense-in-depth" strategy.
Did you find this white paper useful?
Related white papers
Accelerating Secure Business Applications Podcast
Download this Riverbed Connect podcast and listen as Bob Gilbert discusses with Mark Day, Riverbed's Chief Scientist, the details involving SSL encryption, SSL's impact on WAN optimization, and new wide-area...
Eroding Spam Filter Effectiveness: Bad for Business
As spammers and scammers continually introduce new and more sophisticated distribution techniques, organizations continue to see tremendous increases in spam and other email-borne threats--and the attacks are getting increasingly difficult...
Outbound Email and Data Loss Prevention in Today's Enterprise, 2008
How concerned are companies about the content of email leaving their organizations? And how do companies manage the legal and financial risks associated with outbound email? To find out, Proofpoint...
Extended Description Techniques for Security Engineering
There is a strong demand for techniques to aid development and modelling of security critical systems. Based on general security evaluation criteria, we show how to extend the system structure...
A Calculus for Cryptographic Protocols
We introduce the spi calculus, an extension of the pi calculus designed for describing and analyzing cryptographic protocols. We show how to use the spi calculus, particularly for studying authentication...
Trust Web Services and XML Security Standards
Web services are self-contained, modular applications that can be described, published, located, and invoked over the Internet. Web services perform well-defined functions both for applications and other Web services, which...
Critics Blast FCC Wiretap Specs
Sweeping standards announced by the Federal Communications Commission would make all common carriers, including cable operators and utilities offering telecommunications services, subject to a controversial 1994 digital wiretap law. Critics...
