Essential Guide

PCI 3.0 special report: Reviewing the state of payment card compliance


PCI DSS 3.0

PCI DSS 3.0 is the third major iteration of the Payment Card Industry Data Security Standard, a set of policies and procedures administered by the Payment Card Industry Security Standards Council (PCI SSC) to ensure the security of electronic payment data and sensitive authentication data.


Notable new or updated requirements in PCI DSS 3.0 include: methodology-based penetration testing to verify the methods used to segment the merchant cardholder data environment (CDE) from other IT infrastructure; an inventory of all hardware and software components within the cardholder data environment; documentation detailing which requirements are managed by third-party vendors and which are managed by the organization itself; antimalware detection and remediation processes for systems considered to be not commonly affected by malicious software; physical access controls for onsite personnel; and methods to protect payment data-capture devices from tampering and substitution.

PCI DSS is updated on a three-year cycle; the previous revision was PCI DSS 2.0, released in 2010. The next major revision to the standard is expected to be released in 2016. The standard, created by the major credit card companies in 2004 to foster widespread adoption of consistent data security practices throughout the payment processing ecosystem, consists of introductory information outlining the purpose and scope of the standard; 12 requirements and their associated sub-requirements; and four appendices outlining additional compliance guidance for various special circumstances.

This was first published in November 2013
