Data breaches and cybercrime are routinely reported in the popular press. Popular, well-known companies such as Sony and Citibank have joined the ranks of security and payment card industry firms such as RSA and Heartland Payment Systems as victims of cyber attacks. These types of attacks are not new, and over time, businesses have responded by developing and enforcing minimal standards for protecting payment card data. The Payment Card Industry Data Security Standards (PCI DSS) define protections for credit and debit card data and holds merchants and payment processors responsible for meeting these standards.
The Shortcut Guide to PCI Compliance and How SSL Certificates Fit provides an overview of PCI DSS and SSL certificates, outlines what is required by PCI DSS, and provides a PCI compliance checklist. We start in this chapter by discussing three fundamental questions:
We begin by examining the business drivers that lead to the development of PCI DSS.
Click here to download this chapter or book.