Payment Card Industry Data Security Standard (PCI-DSS)
The Payment Card Industry Data Security Standard (PCI-DSS) is a mandatory credit card standard for credit card companies, specified by the PCI Security Standards Council.
The PCI-DSS standard is intended to improve data security in credit card use and to protect personal data. It is based on the Visa Account Information Security (AIS) and MasterCard Site Data Protection (SDP) security programs. The goals of the PCI-DSS standard center on a secure network in which transactions can be conducted: protecting cardholder information when it is stored, and encrypting data when it is transmitted over public networks. The goals also include preventing malware and hacker attacks through anti-virus programs and other security programs, and ensuring that these security functions keep working by constantly monitoring the networks.
Newer versions of the PCI-DSS standard are characterized by higher security measures. For example, authentication is performed using Multifactor Authentication (MFA), whereas in the past, two-factor authentication (2FA) was used. With multifactor authentication, some credit institutions rely on identification by means of password, voice recognition and fingerprint recognition. PCI-DSS is certified and divided into several Security Levels (SL).