Payment Card Industry Data Security Standard (PCI DSS)
The PCI Security Standards Council is an open global forum and was formed in 2006 – the 5 founding global payment brands include:
American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.
A Global Security Standard, PCI DSS comprises of 12 comprehensive requirements designed to enhance the security of cardholder data. The most poignant of these requirements in terms of large file transfer are:
- Requirement 3: Protect stored cardholder data.
- Requirement 4: Encrypt transmission of cardholder data across open, public networks.
- Requirement 6: Develop and maintain secure systems and applications.
- Requirement 9: Restrict physical access to cardholder data.
- Requirement 10: Track and monitor all access to network resources and cardholder data.
Companies that do not comply with PCI DSS are liable to incur operational and financial consequences enforced by the individual payment brands. To find out more about how to become PCI Compliant, please click here.