The Payment Card Industry Data Security Standard
June 2nd, 2008 adminThe Payment Care Industry Data Security Standard or PCI DSS levies requirements on credit card merchants to safeguard consumers’ credit information from malicious behaviour from identity thieves. The payment card industry providers such as VISA, MasterCard and American Express are now enforcing PCI compliance.
The PCI standard comprises two basic steps:
1. Pass quarterly remote vulnerability scans conducted by a Visa and MasterCard “Qualified Independent Scan Vendor”. Scans are required for all Internet connection points whether they are office networks or home/office connections (dial\-up, DSL, cable or wireless) or data centres or permanent Internet servers such as your web site and email server, etc.
2. Successful completion of a security self-assessment questionnaire. The self assessment questionnaire asks specific questions about your internal security practices, both on your web site and in your office.
If you have managed hosting service you can check with your host if they are PCI compliant or not.