PCI DSS

GPTKB entity

Statements (48)
Predicate Object
gptkbp:instanceOf information security standard
gptkbp:appliesTo merchants
service providers
organizations that handle branded credit cards
gptkbp:category cybersecurity
compliance
payment security
gptkbp:compatibleWith gptkb:American_Express
gptkb:Mastercard
gptkb:JCB
Visa
Discover
gptkbp:developedBy gptkb:PCI_Security_Standards_Council
gptkbp:enforcedBy non-compliance may result in fines or loss of ability to process card payments
payment card brands
gptkbp:firstPublished 2004
gptkbp:fullName gptkb:Payment_Card_Industry_Data_Security_Standard
https://www.w3.org/2000/01/rdf-schema#label PCI DSS
gptkbp:latestReleaseVersion 4.0
March 2022
gptkbp:purpose protect cardholder data
gptkbp:region global
gptkbp:relatedStandard gptkb:PA-DSS
gptkb:PCI_3DS_Security_Requirements
gptkb:PCI_Card_Production_and_Provisioning
gptkb:PCI_PIN_Security_Requirements
gptkb:PCI_PTS
gptkb:PCI_Software_Security_Framework
gptkbp:requirementsCount 12
gptkbp:requires track and monitor all access to network resources and cardholder data
develop and maintain secure systems and applications
use and regularly update anti-virus software or programs
maintain a policy that addresses information security for all personnel
protect stored cardholder data
regularly test security systems and processes
restrict physical access to cardholder data
encrypt transmission of cardholder data across open, public networks
install and maintain a firewall configuration to protect cardholder data
assign a unique ID to each person with computer access
restrict access to cardholder data by business need to know
do not use vendor-supplied defaults for system passwords and other security parameters
gptkbp:reviewCycle regularly updated
gptkbp:type gptkb:Internal_Security_Assessor_(ISA)_assessment
gptkb:Qualified_Security_Assessor_(QSA)_assessment
gptkb:Self-Assessment_Questionnaire_(SAQ)
gptkbp:website https://www.pcisecuritystandards.org/
gptkbp:bfsParent gptkb:city
gptkbp:bfsLayer 3