Home
Topics
Software Security Testing and Quality Assurance
Internet Application Security
Complying with the PCI Data Security Standard

Complying with the PCI Data Security Standard

What do I have to do to make sure my application security complies with the PCI Data Security Standard?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

The Payment Card Industry Data Security Standard, or PCI, is a standard co-developed by Visa and MasterCard. PCI defines a set of requirements for how cardholder information is to be protected and how compliance is to be assured. PCI requires merchants to have their publicly facing networks and Web sites be tested every three months by a certified vendor. PCI compliance assures merchants and the credit card brands that no serious vulnerabilities are present and consumers can shop with confidence.

To make sure you're PCI-compliant, you're going to have to do a couple things. If you're a Level 1 merchant (accepting over 6 million credit card transactions per year), you need to have an Annual On-site Security Assessment and Quarterly Networks Scan performed by an approved vendor. If you're a Level 2 or 3 merchant (accepting between 20,000 and 6 million credit card transactions per year), you need to fill out the Annual Self-Assessment Questionnaire and have Quarterly Networks Scans performed by an approved vendor.

More News and Tutorials

Articles

This was first published in January 2006

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

SOA
Java
Windows Development
Oracle
Cloud computing
Business Analytics

SOA
- Architects can meet mobile user needs by altering mindset
  
  Smartphones, tablets and desktop computers don't just differ in screen size; they are different form factors.
- Tools and practices to create a meaningful SOA ALM process
  
  To create a meaningful SOA ALM process, architects have to remember modern apps are increasingly using components.
- Inside the world of Web APIs, the cloud and mobile technology
  
  Rob Daigneau offers his expert insights on the convergence of the cloud, mobile technology and Web APIs.
Java
- JSR-286 development tutorial: Mastering request-response programming
  
  This portlet programming tutorial shows how the PortletRequest and Portlet Response are used when developing JSR-286, request-response based apps.
- JSR-286 development tutorial: An introduction to portlet programming
  
  This portlet programming tutorial is an introduction to developing JSR-286 applications that can be deployed to any standards-based portal server.
- Mastering Tomcat: Installation, configuration, logging and optimization
  
  To master the Apache Tomcat server, administrators and developers need to be familiar with installation, configuration, logging and performance optimization
Windows Development
- Native versus JavaScript/HTML5 development for Window 8 apps
  
  Learn the advantages and disadvantages in using HTML5/JavaScript for deployment.
- Technology Priorities for 2012
  
  Each year TechTarget surveys thousands of IT professionals around the world on their company’s forecasts for the coming year. As IT budgets continue through the strain of trying to align themselves with businesses trying to recover from the global recession, the direction of IT’s newest technologies may surprise you.
- Where can I find Visual Basic 6.0 DataEnvironment code samples?
  
  Get information on the best places to find Visual Basic DataEnvironment 6.0 code samples.
Oracle
- Domain-specific Oracle master data management
  
  Oracle master data management products are starting to merge various data management hubs, which is a help in particular vertical industries.
- Privileged user management a must for DBAs
  
  Trust, but verify. Ronald Reagan made it popular, and it's certainly relevant for DBAs in today's consolidated, virtualized IT world.
- John Webb: Why the new PeopleSoft applications are big news
  
  Lena Weiner-Bishop catches up with Oracle's vice president of PeopleSoft strategy, who explains the excitement around new PeopleSoft applications.
Cloud computing
- Google Compute Engine prices on par with AWS -- for now
  
  Conventional wisdom has Google and AWS locked in the Price War of the Titans with the launch of GCE, but a deeper look reveals a different truth.
- Limiting the effects of cloud computing outages
  
  After making the case for cloud based on high availability, IT pros are upset by cloud outages. With planning, there are ways to craft a strategy.
- Amazon Redshift an appealing alternative to on-premises data warehouse
  
  Amazon Redshift has intriguing pricing and features, but beware of its differences from a traditional, on-premises data warehouse.
Business Analytics
- Marketing and advertising remain sweet spots for big data technology
  
  Marketing and advertising are the sweet spots for big data, but those who serve up marketing insights and ad space will need to evolve to survive.
- Strategies for de-cluttering business intelligence dashboard designs
  
  Expert Brian Jordan shows business intelligence managers how to avoid developing dashboards that overwhelm business users with too much information.
- Making mobile BI applications a reality: Key steps to take
  
  In a podcast, BI expert William McKnight discusses best practices and action items for managing deployments of mobile business intelligence tools.

All Rights Reserved,Copyright 2006 - 2013, TechTarget