Navigating Through Choppy Waters of PCI DSS Compliance-Reference-Cited by-同舟云学术

Navigating Through Choppy Waters of PCI DSS Compliance

Published: Issue: Volume: Page:99-140
ISSN:1948-9730
Container-title:Advances in Information Security, Privacy, and Ethics
language:
Short-container-title:

Author:

Nanda Amrita¹,Popat Priyal¹,Vimalkumar Deepak¹

Affiliation:

1. University at Buffalo, USA

Abstract

PCI Data Security Standard is increasingly becoming one of the major compliance requirements all organizations are concerned about. This chapter taking a holistic approach, provides an overview of various components of PCI DSS. We discuss various versions of PCI DSS and the industries affected by this standard, the scope and requirements to comply and hesitation on part of most companies to imbibe it. We also look at the high-profile credit card breaches which have occurred recently and their impact on concerned industries. Additionally, we focus on the challenges faced by financial institutions to effectively meet PCI DSS requirements. Based on our analysis of different requirements of PCI DSS, challenges faced by organizations and recent security breaches of companies which were PCI DSS complaint at the time of breach, we propose recommendations to help organizations secure their cardholder data beyond the achieved compliance in place.

Publisher

IGI Global

Reference58 articles.

1. Adams, R. (2010). Prevent, protect, pursue–a paradigm for preventing fraud. Computer Fraud & Security, 2010(7), 5-11. Retrieved online on 23rd January 2015 from http://www.sciencedirect.com.gate.lib.buffalo.edu/science/article/pii/S1361372310700804#

2. André Marïen. (2011). PCI DSS appears to reduce breaches. Computer Fraud & Security, 5. Retrieved online on 23rd January 2015 from http://www.sciencedirect.com.gate.lib.buffalo.edu/science/article/pii/S1361372311700471

3. Ataya, G. (2010). PCI DSS audit and compliance. Information Security Technical Report, 15(4), 138-144. Retrieved Online on January 22, 2015 from http://www.sciencedirect.com/science/article/pii/S136341271100015X

4. Bluemner, A. (2014) The $5.4M Question: Can POS Systems Prevent Credit Card Fraud? Retrieved online on 10th October January 2015 from http://findaccountingsoftware.com/expert-advice/the-54m-question-can-pos-systems-prevent-credit-card-fraud/

5. Caralli, R. A., Stevens, J. F., Young, L. R., & Wilson, W. R. (2007). Introducing octave allegro: Improving the information security risk assessment process (No. CMU/SEI-2007-TR-012). Carnegie-Mellon Univ. Retrieved on 23rd January 2015 from http://resources.sei.cmu.edu/asset_files/TechnicalReport/2007_005_001_14885.pdf