1 / 15

GTEC Meeting August 17th 2010 PCI Compliance

edana
Download Presentation

GTEC Meeting August 17th 2010 PCI Compliance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. GTEC Meeting August 17th 2010 PCI Compliance

    2. 1

    3. Industry Responds to Payment Card Data Theft To combat the increasing fraud, the major card brands created the PCI SSC (Payment Card Industry Security Standards Council). Defined a common set of standards accepted by all brands to introduce payment security best practices as a way to reduce payment system fraud.

    4. PIN Entry Device Security

    6. PCI – PED Visa is mandating PIN accepting dispensers (DEBIT) adhere to EPP standards to support industry migration to TDES.

    7. In the future – Dispensers will be required to comply with the more comprehensive PCI UPT requirements. Involves the entire payment terminal including: Keypads Card Readers Display Prompts PCI EPP and UPT Compliance

    8. Payment Security Product Overview - Flexibility

    9. Additional Considerations Payment security standards continue to evolve PCI standards may be updated every few years Level 1.X - Release date 2004 (Current) Level 2.0 – Release date 2009 (Current) Level 3.0 / UPT – Release date 2010 (Mandate ?) Standards versions affect deployment longevity 2009 introduction of Unattended Payment Terminal (UPT) PCI Council published PCI 3.0 in April 2010 Consolidating specs and modularizing certifications Incremental security requirements Inclusion of non-PIN devices – card security, open protocols Further UPT clarifications and configuration details

    10. PCI EPP Versions and UPT: Security Differences 9

    12. 11

    14. 13

    15. 14

More Related