Which of the following information security standards defines security policies, technologies and ongoing processes for organizations that handle cardholder information for debit, credit, prepaid, e-purse, ATM, and POS cards?
A. Health Insurance Portability and Accountability Act (HIPAA)
B. Payment Card Industry Data Security Standard (PCI-DSS)
C. Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
D. Information Security Acts: Sarbanes Oxley Act (SOX)
The Payment Card Industry Data Security Standard (PCI-DSS) is the information security standard that defines security policies, technologies, and ongoing processes for organizations that handle cardholder information for various types of cards, including debit, credit, prepaid, e-purse, ATM, and POS cards. PCI-DSS was developed by major credit card companies to create a secure environment for processing, storing, and transmitting cardholder data. Compliance with PCI-DSS involves adhering to a set of requirements that ensure the secure handling, storage, and transmission of cardholder information.
References: The significance and requirements of PCI-DSS are detailed in resources such as the Cloud Security Alliance’s guide on “Understanding PCI DSS: A Guide to the Payment Card Industry Data Security Standard” and the official PCI Security Standards Council documentation.