PCI DSS 3.2 - A Comprehensive Understanding to Effectively Achieve PCI DSS Compliance

Haseen Usman Ahmed

Product Description

This book provides information, guidelines, best practices, relevant sources and explanations of the PCI Standards, chiefly the PCI Data Security Standard (PCI DSS), the PCI Payment Application Data Security Standard (PA-DSS), the PIN Transactional Security Standard (PTS) and the Point-to-Point Encryption Standard (P2PE). The Payment Card Industry Security Standards Council (PCI SSC) developed this set of standards, commonly referred to as the PCI Standards Family, to ensure the protection of cardholder data. The Payment Card Industry Data Security Standard, or PCI DSS, is one of the most important data security standards of recent times. All organizations that handle credit card information as part of their business need to meet the standard’s data security requirements. The author has expertly crafted this book as a guide for individuals undertaking the journey to achieve PCI DSS compliance with the proper understanding it requires. The PCI SSC standards provide very specific guidelines for merchants, businesses and all other entities involved in the storage, processing or transmission of cardholder data and sensitive card information. This book aims to educate all stakeholders and entities about the PCI standards, guidelines and best practices as outlined by the PCI SSC, and about the importance of complying with the PCI standards. These standards cover all aspects of the payment card lifecycle, from design, production, development and usage to destruction at the end of life, as well as the design, development and manufacturing of the software and hardware used for storing, transmitting and processing cardholder information and sensitive card data. A single solution doesn’t guarantee security against all external and internal threats and risks to customer card data. But you are proceeding in the right direction if you are trying to understand the standard and achieve compliance.
