The Payment Card Industry Data Security Standard (PCI DSS) was as a series of requirements for companies, to process, store and transfer the data from the credit card to facilitate the dealers to adopt adequate security of all societies of credit cards.
The PCI security standards of the Council and updates the norm. The application of programs to comply with the sanctions and are used by each brand of payment.
In the assessment of conformity with PCI solutions for enterprises should take the examiners and look to the products offer a complete PCI should be changes in the standards.
PCI also includes requirements in processing. The complete requirements include three levels of validation:
1st Safety on the construction sites of the audit
2nd Questionnaire on self-assessment
3rd Scanners in the network
The level of validation required, the frequency and the validation of the effort depends on risk and transaction costs or volume.
The actual costs for a breach of the security of data
Security of data against a company can cost an average of $ 182 per folder compared with the costs and legal and other expenses. While it is without the cost of a damaged reputation, competitive advantage, and the lost customers because of the injury and the cost of an action if the accusations are in a hurry. Dealers cardholder data store must also think about the possibility of buses are not respected and the danger of an increase in the cost of transactions.
Here are some examples of recent major injuries in the retail sector.
TJX
45.6 million credit card numbers and bank card were stolen.
DSW Shoe Warehouse
Compromise credit card numbers for about 1.4 million customers and driving licence information system of around 96000 customers.
Card Systems
Compromise of information for 40 million holders of credit cards.
Marriot International
Compromise credit card information and phone numbers of social security for 206, 000 customers and employees.
Polo Ralph Lauren
180000 jeopardized the customer’s credit card.
Sam’s Club / Wal-Mart
Data from the credit card in an unspecified number of customers has been suspended.
Requirement of more PCI-laws
In May 2007 the Minnesota was the first country to do PCI requirements set out in a constitutional state, by declaring that any company that violated the security of the data to reimburse the banks that they bear the cost, the blocking and the issue of new cards.
12 steps to check PCI
The following is a list of the 12 requirements of the PCI DSS.
1st Installation and configuration, firewall protection for the data on the card.
2nd Do not use a provider of default system passwords and other security settings.
3rd Protection of data stored cardholders.
4th Encrypt the transmission of data between the card open, public networks
5th Use and regularly update anti-virus software
6th Development and maintenance of secure systems and applications
7th Restriction of access by the cardholders of data by the companies need to know
8th Assigning a unique identifier for each person with access to the computer
9th Restrict physical access to the data of the map
10th From track and monitor access to the resources of the network and the holder of the card data
11st Try regularly the safety of systems and processes
12nd Hold a policy that affected the security of information
Sales Company and service providers and the degree of compliance
Sales Company degree of agreement
1st Level 1: Dealer of more than 6 million credit card transactions each year on all channels, including electronic commerce.
Conformity: PCI-annual report to place the security of data on the quarterly evaluation and network scans.
2nd Level 2: Merchant with 1 to 6 million credit card transactions per year
Conformity: self-assessment of annual and quarterly network scans
3rd Level 3: dealers with 20000 to 1000000 credit cards e-commerce transactions per year.
Note: Also on level 2 merchants
4th Level 4: The merchants of less than 20000 credit card e-commerce transactions per year annual self-assessment and the annual
Conformity: the self-assessment and the annual network scans
Service provider levels
1st Level 1: All processors and the gateways of payment.
Conformity: PCI-annual report to place the security of data and the assessment of the quarterly network scans
2nd Level 2: a provider of services that are not on the level 1 and stores, processes or transmits more than 1 million credit card accounts / transactions per year.
Note: Even on the level 1 of the provider of services
3rd Level 3: Each provider of services that are not on the level 1 and stored, processed or transmitted less than 1000000 accounts credit card transactions per year.
Conformity: annual self-evaluation questionnaire and quarterly network scans.
PCI DSS changes
The PCI security standards have been updated to the issues of implementation, in particular:
• hosting provider requirements
• New provision that the malware such as spyware and adware are in the fight against the virus capacity.
• requirements regarding the review of the code of the application or the firewall.
• requirement of a policy to control the units in connection with
• Appendix A - PCI DSS scope for providers of accommodation.
• Appendix B - controls compensatory measures.
Visit the Standard [https: / / http://www.pcisecuritystandards.org/pdfs/pci_summary_of_pci_dss_changes_v1-1.pdf] for more information.
Dates / sanctions
The deadline for compliance with PCI is past. Visa believes that only 36 percent of the level 1 merchants and 15 percent of the level 2 dealer is to be in the PCI.
Effective October 1, 2007, the buyer, as the transactions qualify for the weaker exchange rates must ensure that the dealers generate revenues, PCI for this performance.
In 2006, Visa will receive $ 4.6 million in fines for companies that do not comply, an increase compared to 2005 a total of 3.4 million U.S. dollars. Source: VISA [http://usa.visa.com/about_visa/press_resources/news/press_releases/nr367.html]
A further consideration to the protection of stored data
Just a compromise tape backup can cost a reputation of their company a competitive advantage, and thousands of dollars in fines. There are the costs to customers, many calls to be received on the how and why this injury, the cost of the loss of business resulting from the breach, and so on.Read more information by clicking the links below:
Music Blog | City Travel | Love Blog | Internet Nerds | Granaditas | Maldigras | About Cars | Nerve Crack | Gamer’s World | Perfect Diapason | Anime | Latest Buzz | Business | Creative Innovations | Sports Reviews | Creative Writing | Fashion Today | Blog Loan Online | Online Opportunities | Blog Addict | Site Submission | Make Money Online | Technology | Gadgets | Articles | Gizmos | Travel | Finance | Blogging | Opinions | Entertainment | Reviews | Websites | Money | Sugar Free Blog | Bonsang | Latest Videos | Globe Auto Load | Airsoft | BlogToMillion | Lifestyle | Shopping | Computer | Britney Spears | PC Games | Marketing | News | Web Design | Society | Benefits | Services | Papable | Blog | Internet Marketing | Real Estate | Earn Online | jSison |
Everybody knows that if you have a quality computer you can do a lot of things mostly in your job or business. RAM or Random Access Memory is one thing that can make your computer faster. Because today, a lot of newly developed applications and programs are being introduced everyday but it requires more computer capacity, particularly the computer memory. Computer speed and performance is very important in business companies because more speed and better performance can result more transactions processed, gain more profit and minimize errors. Many computer retailers will recommend compatible memory upgrades, but only by using the same exact memory as that originally installed is what they can do. I recommend Memory Deal for your memory upgrades.
You have to be sure that whenever you buy or order products from an online company, the website is tested daily to pass the hacker safe security scan. This is to prevent identity theft and credit card fraud. This will ensure you that the company you are trusting are concerned with your security. If you need a 
I have just subscribed at the newsletter of Elatec World! The company impressed me with the products they provide their customers. They have four business units: RFID, cards and services, electronics components and security solutions. I can’t imagine life right now without their help. They have been giving the latest, trendiest and most efficient products that are used in the industrial, medical, consumer applications, telecommunications and entertainment. They are offering products like smart