Statements (42)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:technical_specification
|
| gptkbp:abbreviation |
gptkb:PCI_DSS
|
| gptkbp:appliesTo |
merchants
service providers organizations that handle branded credit cards |
| gptkbp:complianceLevel |
Level 1
Level 4 Level 2 Level 3 |
| gptkbp:complianceValidation |
gptkb:Self-Assessment_Questionnaire_(SAQ)
gptkb:Attestation_of_Compliance_(AOC) gptkb:Qualified_Security_Assessor_(QSA)_audit gptkb:Report_on_Compliance_(ROC) |
| gptkbp:firstPublished |
2004
|
| gptkbp:fullName |
gptkb:Payment_Card_Industry_Data_Security_Standard
|
| gptkbp:governingBody |
gptkb:PCI_Security_Standards_Council
|
| https://www.w3.org/2000/01/rdf-schema#label |
PCI standard
|
| gptkbp:latestReleaseVersion |
4.0
March 2022 |
| gptkbp:penalty |
fines
increased transaction fees loss of merchant account |
| gptkbp:purpose |
protect cardholder data
|
| gptkbp:relatedStandard |
gptkb:PA-DSS
gptkb:PCI_PIN_Security_Requirements gptkb:PCI_PTS |
| gptkbp:requirementsCount |
12
|
| gptkbp:requires |
Install and maintain a firewall configuration to protect cardholder data
Do not use vendor-supplied defaults for system passwords and other security parameters Develop and maintain secure systems and applications Protect stored cardholder data Regularly test security systems and processes Restrict physical access to cardholder data Track and monitor all access to network resources and cardholder data Identify and authenticate access to system components Restrict access to cardholder data by business need to know Protect all systems against malware and regularly update anti-virus software or programs Encrypt transmission of cardholder data across open, public networks Maintain a policy that addresses information security for all personnel |
| gptkbp:website |
https://www.pcisecuritystandards.org/
|
| gptkbp:bfsParent |
gptkb:PCI_2.0
|
| gptkbp:bfsLayer |
6
|