What is the full form of PCI DSS in Banking?
PCI DSS Full Form: “Payment Card Industry Data Security Standard”
What does PCI DSS Mean?
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for financial organizations, like banks, that handle branded credit cards from the major card schemes.
It’s a set of security standards designed to ensure the security of credit card, debit card, and other payment card transactions and protect cardholders against misuse of their personal information in financial sectors.
The intention of PCI DSS is to create a higher level of protection for card issuers by ensuring that merchants meet minimum levels of security when they store, process, and transmit cardholder data.
PCI DSS Requirements:
The 12 PCI DSS requirements are as follows:
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security parameters.
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
5. Use and regularly update antivirus software.
6. Develop and maintain secure systems and applications.
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
12. Maintain a policy that addresses information security.