Payment Card Industry Data Security Standard

How NETconsent helps

• NETconsent mitigates risk by ensuring staff who are involved in credit card processing understand, and agree to comply with security policies.
• NETconsent cuts processing time by enforcing electronic acceptance or decline of PCI policies at logon
• NETconsent reduces the risk of errors that might entail regulatory penalties.
• NETconsent makes proving PCI compliance easier by providing a comprehensive audit trail of policies, policy acceptance and user training.
• NETconsent reduces operational costs by streamlining the administration of policy documents and reducing the effort expended on meeting annual PCI training requirements.
• NETconsent reports pinpoint potential areas of risk by testing user understanding of the PCI compliance related policies they have read.
• NETconsent provides a ‘greener’ alternative to paper as policies do not require printing.

Challenges of PCI DSS

PCI compliance is not just about putting technology controls in place. Effective communication and understanding of policies and procedures has a vital role to play in maintaining PCI compliance standards.

Companies who are shown not to be PCI compliant may be subject to increased processing fees or even a bar on processing credit card transactions.

Requirements of PCI DSS

The PCI DSS requires organisations to:

• Build and Maintain a Secure Network
• Protect Cardholder Data
• Maintain a Vulnerability Management Program
• Implement Strong Access Control Measures
• Regularly Monitor and Test Networks
• Maintain an Information Security Policy

Introduction to PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements developed to reduce credit card fraud and increase data security. This industry standard affects every company that deals with card payment transactions.