SecurusVault
Security

PCI-DSS

The Payment Card Industry Data Security Standard. Good not only for credit cards.

Online financial transactions are sensitive operations and highly susceptible to attacks. One of the most important initiatives to define security standards and best practices for payment transaction security has come from the Payment Card Industry.

Compliance with PCI requires an annual audit, quarterly penetration testing and daily network scans.

Your SecurusVault account runs only on server certified to level 1 (the highest) of PCI DSS.

Know more about PCI-DSS

In 1998 one of the first large scale credit card fraud was publicly disclosed. About 900,000 cardholders across 22 countries were the victims of fraudulent micro-transactions worth a total of almost 50 million USD. More than 10 years later, in January 2009, the news reported what can be considered the largest fraud ever involving several hackers from around the world charged with the theft and illegal sales of up to 130 million credit card numbers and personal information stolen from Heartland Payment Systems, the ninth largest payment processor in the world.

During these years then the major Credit Cards industries have put together their efforts to provide guidelines on how to handle sensible personal data related to credit card payments. These efforts produced in 2004 the first version of the Payment Card Industry Data Security Standard (PCI DSS), which is now becoming mandatory for all entities involved in the processing of credit card data during a payment. The standard is the first attempt to create a set of rules and policies provides security guidance for software developers, hardware manufacturers and system administrators. Until October 2008 the PCI Council (composed by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.) was monitoring the conformance to the standard only in North America, but since the updated rules of PCI DSS have been in effect as of October 30 2008, the PCI council along with PCI Europe are pushing global banks and all companies processing, storing, or transmitting cardholder data to be PCI DSS complaint.

Useful links to learn more: