PCI DSS - Payment Card Industry Data Security Standard -
Payment Card Industry Data Security Standard "PCI DSS" is the global card industry security standard, which is established by five major international payment brands, JCB, American Express, Discover, MasterCard and Visa, to ensure the security of sensitive information handled by merchants and payment processors.
The PCI DSS sets a high level of security to protect cardholder data and transaction data. JCB implements the PCI DSS standard to protect JCB card holders account and transaction card member information. JCB recommends that every merchant and payment processor handling JCB card data fulfill the security requirements stipulated by PCI DSS.
The Program Helps You
Protect cardholder data and transaction data from hackers and fraudsters
The program helps you identify vulnerabilities in your systems and procedures so that you can effectively implement security measures to thwart hackers and fraudsters.
Reduce the risk of theft or loss of information
Theft or loss of information can incur enormous costs for investigation, legal advice, public relations and more, as well as damaging customer confidence and sales volume. The program helps you reduce the risk of potential theft or loss that could have a significant impact on your business.
PCI DSS stipulates 12 requirements to be complied with.
Build and Maintain a Secure Network
Requirement 1 : Install and maintain a firewall configuration to protect cardholder data
Requirement 2 : Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
Requirement 3 : Protect stored cardholder data
Requirement 4 : Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
Requirement 5 : Use and regularly update anti-virus software
Requirement 6 : Develop and maintain secure systems and applications
Implement Strong Access Control Measures
Requirement 7 : Restrict access to cardholder data by business need-to-know
Requirement 8 : Assign a unique ID to each person with computer access
Requirement 9 : Restrict physical access to cardholder data
Regularly Monitor and Test Networks
Requirement 10 : Track and monitor all access to network resources and cardholder data
Requirement 11 : Regularly test security systems and processes
Maintain an Information Security Policy
Requirement 12 : Maintain a policy that addresses information security
You can download PCI DSS.
JCB Data Security Program
JCB provides a program called JCB Data Security Program, which helps JCB merchants and payment processors ensure that they meet the PCI DSS. JCB strongly recommends that JCB merchants and payment processors adopt the JCB Data Security Program to protect cardmember and transaction data.
PCI SSC (PCI Security Standards Council, LLC)
JCB, along with four other international payment brands, is a member of PCI SSC an independent body formed to develop, enhance, disseminate and assist with implementation of security standards for payment account security. PCI SSC is one more way in which JCB is actively promoting a safer environment for JCB card use.