The PCI security standards are technical and operational requirements that were created to help organizations that process card payments prevent credit card fraud, hacking and various other security vulnerabilities and threats.
WHO DOES IT AFFECT?
All organizations that store, process or transmit cardholder data.
WHAT DOES IT REQUIRE?
1. Skip recording of card info – The standard requires that card security codes (CID, CAV2, CVC2, CVV2) are not stored
2. Cardholder data protection – Access to recordings protected and available with a multi-level access, with recordings encrypted and not alterable
3. Network security – TLS 1.1/1.2 are required as of 30th of June 2018
4. Audit trail - Implement strong access control measures
READ MORE ON OUR BLOG