
Payment Card Industry Data Security Standards (PCI-DSS) Training


vevay

Presentation Transcript


  1. Payment Card Industry Data Security Standards (PCI-DSS) Training

  2. What is PCI-DSS?
     PCI-DSS is broken down into 12 requirements and helps to secure credit/debit card information. PCI-DSS applies to all entities that store, process, and/or transmit cardholder data.

  3. PCI Requirements
     The majority of these requirements are handled by ITS, Office of Cashiering, & department managers. You need to focus on Requirement 3.

  4. Requirement 3: Protecting Cardholder Information
     What is Cardholder Information?
     • Cardholder data refers to any information on a customer’s payment card:
       • Primary Account Number (PAN) – number printed or embossed on the front of the card
       • Expiration date of the card
       • Cardholder name
       • Any magnetic stripes embedded on the back of the card
       • Data chips within the card
       • Security code on the card

  5. Accepting Credit/Debit Cards
     In order to process a card, we need the following information:
     • Cardholder’s Name
     • 16-digit card number (Visa, MasterCard, or Discover)
     • Expiration Date
     • Telephone number
     • Note: We do not need the security code to process a card. Please do not ask for or store this information.
     For security, all cardholder information should be processed in the cashiering system immediately.

  6. Accepting Credit/Debit Card Don’ts

  7. Accepting Credit/Debit Card Don’ts
     • Card numbers should never be faxed or emailed because they travel through a public network and transmissions are not encrypted.
     • Card numbers should never be unsecured for any period of time. If payments are not processed immediately, they should be locked in a secure location with limited access. Please do not leave this information lying around on desks or printers.
     • Card numbers should never be saved on PCs, laptops, smart phones, etc.
     • Card numbers should never be mailed from one department to another. Please hand deliver this information to the Office of Cashiering.
     • If you must store information that contains card numbers, the numbers must be blacked out or deleted (if using an electronic source) before storing.
     • Cashiering accounts should never be shared. Only process payments on your account.

  8. Consequences for not being PCI Compliant
     The entire university will lose the ability to accept credit and debit cards as a form of payment. It is very important that we keep cardholder information secure.
