Payment Card Industry Network Discussion Forum

  1. Payment Card Industry Forum

    News, emerging technologies and general discussion.
    1. EMV Cards / Chip and Pin

      The EMV Specifications and related testing processes aim to facilitate worldwide interoperability and acceptance of secure payment transactions. The following EMV Specifications are currently managed by EMVCo: EMV Contact – Currently in v4.3, this specification is for chip-based contact payment cards and terminals. EMV Contactless – Currently in v2.3, this specification is for chip-based contactless payment cards and terminals. EMV Next Generation – Currently in development with the consultation of stakeholders worldwide, this specification will be backwards-compatible with EMV Contact and EMV Contactless Specifications. A draft specification is expected in 2014, with a final specification the following year. EMV Common Payment Application (CPA) – v1.0 of this specification is a Common Core Definitions (CCD)-compliant application. EMV Card Personalisation Specification (CPS) – v1.1 of this specification standardises EMV card personalisation. EMV Tokenisation Specification – Currently in development with the consultation of stakeholders worldwide, this specification addresses the process of replacing a traditional card account number with a unique payment token. A draft specification is expected in 2014.
      Discussions:
      2
      Messages:
      2
      RSS
    2. Payment Card Industry Discussion

      General PCI related discussion not covered by other sub forums on this site.
      Discussions:
      6
      Messages:
      6
      RSS
    1. Latest: SAQ Requirement? Rscott, Jun 2, 2015
      RSS
    2. PA-DSS Compliance Q&A

      Payment Application Data Security Standard (PA-DSS) Compliance Q&A
      Discussions:
      0
      Messages:
      0
      (Contains no messages)
      RSS
    1. Build and Maintain a Secure Network and Systems (Requirements 1-2)

      Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
      Discussions:
      35
      Messages:
      37
    2. Protect Cardholder Data (Requirements 3-4)

      Requirement 3: Protect stored cardholder data Requirement 4: Encrypt transmission of cardholder data across open, public networks
    3. Maintain a Vulnerability Management Program (Requirements 5-6)

      Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs Requirement 6: Develop and maintain secure systems and applications
    4. Implement Strong Access Control Measures (Requirements 7-9)

      Requirement 7: Restrict access to cardholder data by business need to know Requirement 8: Identify and authenticate access to system components Requirement 9: Restrict physical access to cardholder data
    5. Regularly Monitor and Test Networks (Requirements 10-11)

      Requirement 10: Track and monitor all access to network resources and cardholder data Requirement 11: Regularly test security systems and processes
    6. Maintain an Information Security Policy (Requirement 12)

      Requirement 12: Maintain a policy that addresses information security for all personnel
      Discussions:
      39
      Messages:
      40
    1. Test Forum

      Discussions:
      0
      Messages:
      0
      (Contains no messages)
      RSS
    2. Comments

      Discussions:
      4
      Messages:
      4
      Latest: Scam Victims Hotline billcage, Sep 29, 2011
      RSS
  2. PCI Network Policies

    Terms of Use and Privacy polices
    Discussions:
    1
    Messages:
    1
    Latest: Terms of Use pcinetwork, Oct 19, 2014
    RSS