PCI DSS made easy
Major credit card companies are pushing hard to stop the financial fraud incidents that have affected numerous organizations and their consumers. Consequently, organizations that accept payment card transactions are duly bound to comply to PCI DSS by end of 2007. Organizations that fail to comply, risk not being allowed to handle cardholder data and fines of up to $500,000 if the data is lost or stolen. This white paper examines the necessary requirements to adhere to PCI DSS, the implications of noncompliance as well as how effective event log management and network vulnerability management play a key role in achieving compliance.
Credit cards are widespread and their use for online payments is increasing dramatically. There were 1.3 billion credit cards in circulation in the U.S. in 2004, with 76% of Americans having at least one credit card. Retail U.S. ecommerce sales in the fourth quarter of 2006 were $33.9billion, a 25% increase over the same quarter in 2005. There is bad news however: Credit card fraud (25%) was the most common form of reported identity theft in 2006. Considering that more than $48 billion was lost by financial institutions and businesses in that year due to identity theft, and $5 billion lost by individuals, it can be said that credit card fraud is digging deep into everyone’s pockets! E-commerce fraud is also on the rise, reaching $3 billion in 2006 with an increment of 7% over 2005. This white paper examines the consequences of cardholder data theft and addresses the following key questions:
|
 |
|
|
|
Click Here to read the complete Whitepaper...
