What is PCI DSS?

PCI DSS stands for Payment Card Industry Data Security Standard. It is a
cybersecurity standard backed by all the major credit card and payment processing
companies that aims to keep credit and debit card numbers safe.

Payment security is important for every merchant, financial institution, or other entity
that stores, processes, or transmits cardholder data. It is vital that every entity
responsible for the security of cardholder data diligently follows the PCI Data
Security Standards.

What is Payment Security?

Payment security refers to the protective measures and technologies employed in
financial transactions to safeguard sensitive information, such as credit card details,
from unauthorized access or theft. This includes encryption for secure data
transmission, the use of secure websites (https://), two-factor authentication,
tokenization to replace actual card numbers, regular transaction monitoring, and
maintaining up-to-date software to ensure a robust defense against potential security
threats.

As a merchant, what can you do to have better payment security?

• Buy and use only approved PIN entry devices at your points-of-sale

• Buy and use only validated payment software at your POS or website
shopping cart

• Do not store any sensitive cardholder data in computers or on paper

• Use a firewall on your network and PCs

• Make sure your wireless router is password-protected and uses encryption

• Use strong passwords. Be sure to change default passwords on the hardware
and software – most are unsafe

• Regularly check PIN entry devices and PCs to make sure no one has installed
rogue software or “skimming” devices

• Teach your employees about security and protecting cardholder data

• Follow the PCI Data Security Standard


 

Where can you get more information on PCI DSS?

To understand more on the security standards and requirements, you may visit
https://www.pcisecuritystandards.org/merchants/ for more information.