News
PCI DSS Standard
PCI SVA supports companies of the payment card industry in achieving compliance with the ‘Payment Card Industry Data Security Standard’ (PCI DSS) by offering products and services. PCI DSS is a standard developed by Visa, MasterCard, American Express, Discover and JCB and contains a catalogue of 12 requirements – from encryption, transaction-logging and -monitoring through to authentication and access control. By creating its own standard the payment card industry beat government regulation so to speak.
All companies that process credit card details are currently busy in implementing the standard. Companies that process more than 6 Mio. transactions have until 30. September 2007 to achieve PCI DSS compliance. For companies that process less than 6 Mio. transactions the deadline of 30th December 2007 applies.
The heightened security measures are a direct response to increased security risks as well as soaring fraudulent use of credit card details. Compliance with PCI DSS means the application of best practises for information security. This is especially true for a Web Application Firewall (WAF). It is regarded as key technology which is emphasised in chapter 6.6, version 1.1 of the PCI DSS. Furthermore, the implementation of Web Application Firewalls will become the norm for all companies processing credit card details from 30th June 2008.
It is predictable that WAF technology will experience growth, if not to say a real hype with the emergence of application security. With this in mind United Security Providers is already increasing the international presence of the company and their USP Secure Entry ServerTM solution in the credit card industry, positioning themselves as a solution provider in the area of PCI DSS compliance.
Bearing all these exciting developments in mind, one comes to the concise conclusion: Within the PCI DSS compliance area the modern watchdog no longer barks ‘WUFF’ but ‘WAF’….
For further information please visit http://www.pcialliance.org/.
08/14/2007back