PCI-DSS – secure standard for credit card information processing

In 2005, the international card organisations agreed on the Payment Card Industry (PCI) Data Security Standard (DSS). The PCI-DSS defines a consistent approach when implementing the security requirements for the secure storage and management of credit card data. The PCI data protection standards define the requirements of the VISA (Account Information Security - AIS) and MasterCard (Site Data Protection - SDP) programs. Due to the common and consistent standards, merchants or payment service providers (PSP) can carry out the certification process for both card systems in one go.
PCI-DSS comprises 12 security requirements laid down in the Payment Card Industry (PCI) data security standard.

achelos offers the following services for PCI-DSS:

  • Security assessment of computer networks on the basis of PCI-DSS requirements
  • Designing security concepts for changing computer networks according to PCI-DSS
  • General PCI-DSS consulting
  • Implementation of security concepts:
    • Secure identification of authorised users
    • Protecting the stored data of credit card holders using suitable encryption processes
    • Encrypted transmission of credit card holder data over public networks
    • Access protection mechanisms to limit access to credit card holder data
    • Logging all access to network resources and data of credit card holders
    • Creating company policies with guidelines for information security for both employees and contracting partners
    • Quality management
    • Project management