PCI DSS 3.2 Now Available on Whistic

January 13, 2021

The Payment Card Industry Data Security Standard (PCI DSS) is an information security and data security standard for organizations that handle branded credit cards from the major card schemes.

Five major credit card companies—Visa, MasterCard, Discover, American Express, and JCB—came together and established the Payment Card Industry Security Standards Council (PCI Security Standards Council or PCI SSC) to administer and manage security standards for companies that handle credit card data.

Any organization that accepts or processes payment cards must be PCI-compliant, and completing a PCI self-assessment is the first step toward compliance. PCI has three main objectives:

  1. Ensuring that sensitive card details are collected and transmitted securely.
  2. Storing data securely by meeting the 12 security domain requirements of the PCI standard, such as encryption, continuous monitoring, and security testing of access control to card data.
  3. Validating annually that required security controls are in place, which can include forms, security questionnaires, external vulnerability scanning, and third-party audits.

To learn more about PCI, visit https://www.pcisecuritystandards.org/

Email us to learn more about how Whistic or our Partners can help with a PCI Certification.

About the author

Whistic