Aristi PCI DSS

PAYMENT CARD INDUSTRY DATA SECURITY STANDARD

PCI DSS: Are you taking payment security seriously?

What is the PCI DSS?

The PCI DSS (Payment Card Industry Data Security Standard) is administered by the PCI SSC (Security Standards Council) to decrease payment card fraud across the Internet and increase payment card data security. Organisations that accept, store, transmit or process cardholder data must comply with the PCI DSS.

  • If you are a merchant, the PCI DSS applies to you. Even if you have subcontracted all PCI DSS activities to a third party, you are still responsible for ensuring all contracted parties comply with the Standard.
  • If you are a service provider, including a software developer, the PCI DSS applies to you if you process, transmit or store cardholder data, or your activities affect the security of the cardholder data as it is being processed, transmitted or stored.

The PCI DSS Goals

BUILD AND MAINTAIN A SECURE NETWORK

Requirement 1: Install and maintain a firewall configuration to protect cardholder data.
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters.

PROTECT CARDHOLDER DATA

Requirement 3: Protect stored cardholder data.
Requirement 4: Encrypt transmission of cardholder data across open, public networks.

MAINTAIN A VULNERABILITY MANAGEMENT PROGRAMME

Requirement 5: Protect all systems against malware and regularly update antivirus software or programs.
Requirement 6: Develop and maintain secure systems and applications.

IMPLEMENT STRONG ACCESS CONTROL MEASURES

Requirement 7: Restrict access to cardholder data by business need to know.
Requirement 8: Identify and authenticate access to system components.
Requirement 9: Restrict physical access to cardholder data.

REGULARLY MONITOR AND TEST NETWORKS

Requirement 10: Track and monitor all access to network resources and cardholder data.
Requirement 11: Regularly test security systems and processes.

MAINTAIN AN INFORMATION SECURITY POLICY

Requirement 12: Maintain a policy that addresses information security for all personnel.

OUR PCI DSS SERVICES

Aristi provides services to support you at each stage of your organisation’s PCI DSS compliance project.

PCI DSS Consultation Services

PCI DSS Gap Assessment

PCI DSS Risk Assessment

PCI DSS Remediation Services

PCI DSS Audit

PCI DSS Self Assessment Questionnaire (SAQ)

PCI DSS ASV Scanning Services

PCI DSS SIEM/FIM/SOC Services

PCI DSS Awareness Training