SlideShare a Scribd company logo
1 of 26
Download to read offline
PCI Data Security Standards information  for  Merchants by Evolution Security Systems
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Company Background ,[object Object],[object Object],[object Object]
[object Object],Product and Service Coverage ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Valued Vendor Partners
Our Clients
Background of PCI
In 2006, 40 million Credit Card data was hacked due to  breaches at third party payment processors
PCI DSS is a joint effort by Visa, MasterCard, American Express, Discover and JCB. PCI applies to all merchants and services providers that  process, transmit, or store  credit card information. The standard is enforced by the card companies and acquirer banks.
When Should I Act? “ All Deadlines had Passed” Bob Russo Director, PCI Security Standards Council
The Pressure is Here… Recently Visa has issued letters to service providers demanding them to be complied and certified by  as early as June 2008 .  This is a long-awaited final call to the industry.  No more excuse of “I don’t know” or “PCI has nothing to do with my organization”.
12 Key Requirements of PCI
12 Key Requirements for All Organizations Protect Cardholder Data 1. Protect stored data (in both hardcopy and electronic copy) 2. Encrypt transmissions of cardholder data (electronic copy) Implement Strong Access Control Measures 3. Restrict access by need-to-know 4. Assign unique IDs to all users 5. Restrict physical access to cardholder data (hardcopy) Regularly Monitor and Test Networks 6. Track and monitor access to cardholder data 7. Regularly test security systems and processes Maintain an Information Security Policy 8. Maintain an information security policy Build and Maintain a Secure Network 9. Install and maintain a firewall 10. Do not use vendor default password Maintain a Vulnerability Management Program 11. Use and update antivirus software 12. Develop and maintain secure systems and applications
Guidelines for Credit Card Data Storage Data Element Storage Permitted Protection Required PCI DSS REQ. 3.4 Cardholder Data (in both hardcopy and electronic copy)  Primary Account Number (PAN) Yes Yes Yes Cardholder Name Yes Yes No Service Code Yes Yes No Expiration Date Yes Yes No Sensitive Authentication Data Full Magnetic Stripe No N/A N/A CVC2 / CVV2 / CID No N/A N/A PIN / PIN Block No N/A N/A
What if I am not compliant?
What if my business is not PCI complaint? ,[object Object],[object Object],[object Object],[object Object],[object Object]
By being PCI Compliant ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What should I do?
Merchant Levels ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Others Processing 20,000 to 1,000,000  e-commerce  transactions annually Processing 1,000,000 to 6,000,000 transactions annually Processing over 6,000,000 transactions annually  OR Merchants that card company determines should meet the Level 1 merchant requirements
6-Step PCI Compliance Process Define which merchant level your business belongs to Map out the data flows in your business Conduct a Gap Analysis and scope the project Plan and implement remediation Obtain certification Staying compliant Step 2 Step 1 Step 4 Step 3 Step 6 Step 5
Evolution’s Full PCI Cycle Seeking assistance from QSA and Consultants Conducting  Gap Analysis Prioritizing Remediation Implementing changes & safeguards Maintaining Compliance
Summary
Work… ,[object Object],[object Object],[object Object],[object Object]
Remember… ,[object Object],[object Object],[object Object],[object Object]
Questions and Answers For more information, visit http://pci.evolve-online.com
Contact Us ,[object Object],Global Headquarters 11 La Rue Grellier Rue des Pres Trading Est St. Saviour JE1 3UP  Jersey Tel: +44 (0)1534 728827  UK Headquarters 42 Bloomsbury Street London, United Kingdom WC1B 3QJ Tel: +44 (0)870 112 5434  EMEA Solutions and sales office Roseneath, The Grange St. Peter Port GY1 2QJ Guernsey Tel:+44 (0)870 112 5434  UK Solutions and sales (North) IC2, Keele University Science Park Keele, Staffordshire United Kingdom ST5 5NH Tel: +44 (0)870 112 5434  UK Solutions and sales (Midlands) Tochi House, Park Circle Swan Valley, Northampton NN4 9BH United Kingdom Tel: +44 (0)870 112 5434  UK Solutions and sales (South) Portsmouth Technopole Kingston Crescent Portsmouth, Hampshire, United Kingdom PO2 8FA Tel: +44 (0)870 112 5434

More Related Content

What's hot

P0 Pcidss Overview
P0 Pcidss OverviewP0 Pcidss Overview
P0 Pcidss Overviewb28stu
 
PCI DSS Slidecast
PCI DSS SlidecastPCI DSS Slidecast
PCI DSS SlidecastRobertXia
 
Introduction To SAQ 4 U
Introduction To SAQ 4 UIntroduction To SAQ 4 U
Introduction To SAQ 4 URAlcala65
 
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGPCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGhimalya sharma
 
PCI DSS Certification
PCI DSS CertificationPCI DSS Certification
PCI DSS Certificationhodonoghue
 
Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - ...
Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - ...Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - ...
Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - ...AtoZ Compliance
 
PCIDSS compliance made easier through a collaboration between NC State and UN...
PCIDSS compliance made easier through a collaboration between NC State and UN...PCIDSS compliance made easier through a collaboration between NC State and UN...
PCIDSS compliance made easier through a collaboration between NC State and UN...John Baines
 
Payment Card Industry CMTA NOV 2010
Payment Card Industry CMTA NOV 2010Payment Card Industry CMTA NOV 2010
Payment Card Industry CMTA NOV 2010Donald E. Hester
 
PCI Compliance for Dummies
PCI Compliance for DummiesPCI Compliance for Dummies
PCI Compliance for DummiesLiberteks
 
PCI FAQs and Myths - BluePay
PCI FAQs and Myths - BluePayPCI FAQs and Myths - BluePay
PCI FAQs and Myths - BluePayBluePayProcessing
 
A practical guides to PCI compliance
A practical guides to PCI complianceA practical guides to PCI compliance
A practical guides to PCI complianceJisc
 
PCI Compliance for Community Colleges @One CISOA 2011
PCI Compliance for Community Colleges @One CISOA 2011PCI Compliance for Community Colleges @One CISOA 2011
PCI Compliance for Community Colleges @One CISOA 2011Donald E. Hester
 
Alcumus ISOQAR PCIDSS Compliance Presentation
Alcumus  ISOQAR PCIDSS Compliance PresentationAlcumus  ISOQAR PCIDSS Compliance Presentation
Alcumus ISOQAR PCIDSS Compliance PresentationBhargav Upadhyay
 
Tripwire pci basics_wp
Tripwire pci basics_wpTripwire pci basics_wp
Tripwire pci basics_wpEdward Lam
 
Introduction to PCI DSS
Introduction to PCI DSSIntroduction to PCI DSS
Introduction to PCI DSSSaumya Vishnoi
 
PCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
PCI Compliance - How To Keep Your Business Safe From Credit Card CriminalsPCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
PCI Compliance - How To Keep Your Business Safe From Credit Card CriminalsFit Small Business
 
PCI Compliance Seminar
PCI Compliance SeminarPCI Compliance Seminar
PCI Compliance Seminardlinehan2
 
Online_Transactions_PCI
Online_Transactions_PCIOnline_Transactions_PCI
Online_Transactions_PCIKelly Lam
 

What's hot (20)

P0 Pcidss Overview
P0 Pcidss OverviewP0 Pcidss Overview
P0 Pcidss Overview
 
PCI DSS Slidecast
PCI DSS SlidecastPCI DSS Slidecast
PCI DSS Slidecast
 
Introduction To SAQ 4 U
Introduction To SAQ 4 UIntroduction To SAQ 4 U
Introduction To SAQ 4 U
 
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAININGPCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
PCI DSS | PCI DSS Training | PCI DSS AWARENESS TRAINING
 
PCI DSS Certification
PCI DSS CertificationPCI DSS Certification
PCI DSS Certification
 
Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - ...
Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - ...Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - ...
Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - ...
 
PCIDSS compliance made easier through a collaboration between NC State and UN...
PCIDSS compliance made easier through a collaboration between NC State and UN...PCIDSS compliance made easier through a collaboration between NC State and UN...
PCIDSS compliance made easier through a collaboration between NC State and UN...
 
Payment Card Industry CMTA NOV 2010
Payment Card Industry CMTA NOV 2010Payment Card Industry CMTA NOV 2010
Payment Card Industry CMTA NOV 2010
 
PCI Compliance for Dummies
PCI Compliance for DummiesPCI Compliance for Dummies
PCI Compliance for Dummies
 
Pcidss qr gv3_1
Pcidss qr gv3_1Pcidss qr gv3_1
Pcidss qr gv3_1
 
PCI FAQs and Myths - BluePay
PCI FAQs and Myths - BluePayPCI FAQs and Myths - BluePay
PCI FAQs and Myths - BluePay
 
PCI DSS
PCI DSSPCI DSS
PCI DSS
 
A practical guides to PCI compliance
A practical guides to PCI complianceA practical guides to PCI compliance
A practical guides to PCI compliance
 
PCI Compliance for Community Colleges @One CISOA 2011
PCI Compliance for Community Colleges @One CISOA 2011PCI Compliance for Community Colleges @One CISOA 2011
PCI Compliance for Community Colleges @One CISOA 2011
 
Alcumus ISOQAR PCIDSS Compliance Presentation
Alcumus  ISOQAR PCIDSS Compliance PresentationAlcumus  ISOQAR PCIDSS Compliance Presentation
Alcumus ISOQAR PCIDSS Compliance Presentation
 
Tripwire pci basics_wp
Tripwire pci basics_wpTripwire pci basics_wp
Tripwire pci basics_wp
 
Introduction to PCI DSS
Introduction to PCI DSSIntroduction to PCI DSS
Introduction to PCI DSS
 
PCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
PCI Compliance - How To Keep Your Business Safe From Credit Card CriminalsPCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
PCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
 
PCI Compliance Seminar
PCI Compliance SeminarPCI Compliance Seminar
PCI Compliance Seminar
 
Online_Transactions_PCI
Online_Transactions_PCIOnline_Transactions_PCI
Online_Transactions_PCI
 

Similar to Evolution Pci For Pod1

eCommerce Summit Atlanta Mountain Media
eCommerce Summit Atlanta Mountain MediaeCommerce Summit Atlanta Mountain Media
eCommerce Summit Atlanta Mountain MediaeCommerce Merchants
 
PCI Certification and remediation services
PCI Certification and remediation servicesPCI Certification and remediation services
PCI Certification and remediation servicesTariq Juneja
 
Pci compliance overview earth link business
Pci compliance overview earth link businessPci compliance overview earth link business
Pci compliance overview earth link businessMike Shelah
 
Essay On Final Project
Essay On Final ProjectEssay On Final Project
Essay On Final ProjectPawpaw Tran
 
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docxAssignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docxtrippettjettie
 
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...Stephanie Gutowski
 
Quick Reference Guide to the PCI Data Security Standard
Quick Reference Guide to the PCI Data Security StandardQuick Reference Guide to the PCI Data Security Standard
Quick Reference Guide to the PCI Data Security Standard- Mark - Fullbright
 
Nt1310 Project Design
Nt1310 Project DesignNt1310 Project Design
Nt1310 Project DesignErin Adams
 
Verderber Rothke What’s New With PCI
Verderber   Rothke   What’s New With PCIVerderber   Rothke   What’s New With PCI
Verderber Rothke What’s New With PCIBen Rothke
 
Credit Card Processing for Small Business
Credit Card Processing for Small BusinessCredit Card Processing for Small Business
Credit Card Processing for Small BusinessMark Ginnebaugh
 
PCI Compliance - Delving Deeper In The Standard
PCI Compliance -  Delving Deeper In The StandardPCI Compliance -  Delving Deeper In The Standard
PCI Compliance - Delving Deeper In The StandardJohn Bedrick
 
Visa Compliance Mark National Certification
Visa Compliance Mark National CertificationVisa Compliance Mark National Certification
Visa Compliance Mark National CertificationMark Pollard
 
A systematic approach to pci compliance using rsa archer
A systematic approach to pci compliance using rsa archerA systematic approach to pci compliance using rsa archer
A systematic approach to pci compliance using rsa archerSubhajit Bhuiya
 
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...i2Coalition
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Risk Crew
 
pci powerpoint 01-12-2012- cal poly basic rev 07-23-12b.pdf
pci powerpoint 01-12-2012- cal poly basic rev 07-23-12b.pdfpci powerpoint 01-12-2012- cal poly basic rev 07-23-12b.pdf
pci powerpoint 01-12-2012- cal poly basic rev 07-23-12b.pdfssuserbcc088
 

Similar to Evolution Pci For Pod1 (20)

eCommerce Summit Atlanta Mountain Media
eCommerce Summit Atlanta Mountain MediaeCommerce Summit Atlanta Mountain Media
eCommerce Summit Atlanta Mountain Media
 
PCI Certification and remediation services
PCI Certification and remediation servicesPCI Certification and remediation services
PCI Certification and remediation services
 
Pci compliance overview earth link business
Pci compliance overview earth link businessPci compliance overview earth link business
Pci compliance overview earth link business
 
Pci ssc quick reference guide
Pci ssc quick reference guidePci ssc quick reference guide
Pci ssc quick reference guide
 
PruebaJLF.pptx
PruebaJLF.pptxPruebaJLF.pptx
PruebaJLF.pptx
 
Essay On Final Project
Essay On Final ProjectEssay On Final Project
Essay On Final Project
 
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docxAssignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
Assignment 1Assignment 1 Bottling Company Case StudyDue Week.docx
 
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
 
PCI FAQs and Myths
PCI FAQs and MythsPCI FAQs and Myths
PCI FAQs and Myths
 
Quick Reference Guide to the PCI Data Security Standard
Quick Reference Guide to the PCI Data Security StandardQuick Reference Guide to the PCI Data Security Standard
Quick Reference Guide to the PCI Data Security Standard
 
Nt1310 Project Design
Nt1310 Project DesignNt1310 Project Design
Nt1310 Project Design
 
Verderber Rothke What’s New With PCI
Verderber   Rothke   What’s New With PCIVerderber   Rothke   What’s New With PCI
Verderber Rothke What’s New With PCI
 
Credit Card Processing for Small Business
Credit Card Processing for Small BusinessCredit Card Processing for Small Business
Credit Card Processing for Small Business
 
PCI Compliance - Delving Deeper In The Standard
PCI Compliance -  Delving Deeper In The StandardPCI Compliance -  Delving Deeper In The Standard
PCI Compliance - Delving Deeper In The Standard
 
Visa Compliance Mark National Certification
Visa Compliance Mark National CertificationVisa Compliance Mark National Certification
Visa Compliance Mark National Certification
 
A systematic approach to pci compliance using rsa archer
A systematic approach to pci compliance using rsa archerA systematic approach to pci compliance using rsa archer
A systematic approach to pci compliance using rsa archer
 
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
Webinar: Protect Your Customers, Protect Yourself Learn How to Take Precautio...
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892
 
pci powerpoint 01-12-2012- cal poly basic rev 07-23-12b.pdf
pci powerpoint 01-12-2012- cal poly basic rev 07-23-12b.pdfpci powerpoint 01-12-2012- cal poly basic rev 07-23-12b.pdf
pci powerpoint 01-12-2012- cal poly basic rev 07-23-12b.pdf
 
Cards Center Workshop
Cards Center WorkshopCards Center Workshop
Cards Center Workshop
 

Recently uploaded

The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 

Recently uploaded (20)

The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 

Evolution Pci For Pod1

  • 1. PCI Data Security Standards information for Merchants by Evolution Security Systems
  • 2.
  • 3.
  • 4.
  • 8. In 2006, 40 million Credit Card data was hacked due to breaches at third party payment processors
  • 9. PCI DSS is a joint effort by Visa, MasterCard, American Express, Discover and JCB. PCI applies to all merchants and services providers that process, transmit, or store credit card information. The standard is enforced by the card companies and acquirer banks.
  • 10. When Should I Act? “ All Deadlines had Passed” Bob Russo Director, PCI Security Standards Council
  • 11. The Pressure is Here… Recently Visa has issued letters to service providers demanding them to be complied and certified by as early as June 2008 . This is a long-awaited final call to the industry. No more excuse of “I don’t know” or “PCI has nothing to do with my organization”.
  • 13. 12 Key Requirements for All Organizations Protect Cardholder Data 1. Protect stored data (in both hardcopy and electronic copy) 2. Encrypt transmissions of cardholder data (electronic copy) Implement Strong Access Control Measures 3. Restrict access by need-to-know 4. Assign unique IDs to all users 5. Restrict physical access to cardholder data (hardcopy) Regularly Monitor and Test Networks 6. Track and monitor access to cardholder data 7. Regularly test security systems and processes Maintain an Information Security Policy 8. Maintain an information security policy Build and Maintain a Secure Network 9. Install and maintain a firewall 10. Do not use vendor default password Maintain a Vulnerability Management Program 11. Use and update antivirus software 12. Develop and maintain secure systems and applications
  • 14. Guidelines for Credit Card Data Storage Data Element Storage Permitted Protection Required PCI DSS REQ. 3.4 Cardholder Data (in both hardcopy and electronic copy) Primary Account Number (PAN) Yes Yes Yes Cardholder Name Yes Yes No Service Code Yes Yes No Expiration Date Yes Yes No Sensitive Authentication Data Full Magnetic Stripe No N/A N/A CVC2 / CVV2 / CID No N/A N/A PIN / PIN Block No N/A N/A
  • 15. What if I am not compliant?
  • 16.
  • 17.
  • 19.
  • 20. 6-Step PCI Compliance Process Define which merchant level your business belongs to Map out the data flows in your business Conduct a Gap Analysis and scope the project Plan and implement remediation Obtain certification Staying compliant Step 2 Step 1 Step 4 Step 3 Step 6 Step 5
  • 21. Evolution’s Full PCI Cycle Seeking assistance from QSA and Consultants Conducting Gap Analysis Prioritizing Remediation Implementing changes & safeguards Maintaining Compliance
  • 23.
  • 24.
  • 25. Questions and Answers For more information, visit http://pci.evolve-online.com
  • 26.