Online Legal…

Terminology / Definitions

Merchants = Entities directly involved in the processing, storage, transmission and switching of (i) transaction data, (ii) cardholder information, or (iii) both.

Service Providers = Entities not directly involved in (i) to (iii) above but includes organisations who (i) provide services to Merchants or (ii) control the security of cardholder data or (iii) could impact the security of cardholder data in other way.

Bottom line

The Payment Card Industry Data Security Standard (PCI DSS) applies globally to all entities, regardless of their size, that process debit or credit card information, including all Merchants and Service Providers that process, transmit or store cardholder data.

Introduction: PCIDSS and PCIDSS Council

Each of the different individual card companies initially had their own independent security programs to protect and secure the personal data that was handled and held by them. The 5 major card companies however formed the PCIDSS Council (the Council) in 2006 to develop a global security standard for the safe handling of all card information, namely the Payment Card Industry Data Security Standard. The Council is an independent body that manages and maintains the PCIDSS. The PCI DSS assists Merchants, Service Providers and other card processors that store, process or transmit cardholder data, with the safe handling of sensitive cardholder information.

To get a comprehensive Information Sheet on this topic, please contact us.

Similar:

• Security Policy
• Measures to be taken by companies to guarantee security of Internet transactions
• What is “information security law”?
• Current Infosec Trends
• Guide to the Electronic Communications Act (2006)

Tags: PCI DSS