HOME |  SIGN IN / JOIN  |  KOREAN  |  ENGLISH
Merchant Services Products Customer Service Center About CDS
 
  HOME > Merchant Services > PCI Compliance
CDS PCI Support Team
 
CDS has experienced PCI experts that help and support merchants to complete PCI compliance in a simple and easy way. By sending out a notice letter prior to the expiration dates for all merchants in several languages including English and Korean, CDS helps merchants maintain PCI compliancy throughout the year and provides a variety of easily accessible supporting services via online, email, mail, fax, and phone. Furthermore, all merchants are always welcome to call for any help related to PCI compliance and are provided free individual PCI supporting services by our highly experienced PCI experts before their annual compliance dates.
 
Payment Card Industry Data Security Standard
 
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards.
Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure. Validation of compliance is done annually — by an external Qualified Security Assessor (QSA) that creates a Report on Compliance (ROC) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) and Quarterly Network Scan for companies handling smaller volumes.
 
Payment Card Industry Data Security Council
 
Founded in 2006 by the major card brands including American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc, PCI SSC develops, manages, educates, and raises awareness of the three PCI standards and provides documents and information to help organizations implement PCI cardholder data.
 
PCI DSS Requirements
 
It is the key standard for helping merchants to protect cardholder data and describes the technical and operational system components that are part of or connected to cardholder data. It is also structured by six goals that include 12 related requirements as follows. 
 
 Build and Maintain a Secure Network
 1. Install and maintain a firewall configuration to protect cardholder data.
 2. Do not use vendor-supplied defaults for system passwords and other security parameters.
 Protect Cardholder Data
 3. Protect stored cardholder data.
 4. Encrypt transmission of cardholder data across open, public networks.
 Maintain a Vulnerability Management Program
 5. Use and regularly update anti-virus software or programs.
 6. Develop and maintain secure system and applications.
 Implement Strong Access Control Measures
 7. Restrict access to cardholder data by business need to know
 8. Assign a unique ID to each person with computer access.
 9. Restrict physical access to cardholder data.
 Regulary Monitor and Test Networks
 10. Track and monitor all access to network resources and cardholder data.
 11. Regularly test security systems and processes.
 Maintain an Information Security Policy
 12. Maintain a policy that addresses information security for all personnel.
contact us | privacy & legal | careers | sitemap
© 2013-2017 Creditcard Discount Services Inc. All rights reserved :: CDS is a registered ISO of Elavon, Inc., Georgia, Fifth Third Bank, Cincinnati, OH, Wells Fargo Bank, N.A., PO Box 6079, Concord, CA 95524