Conversational modules
Programmable Channels
Platform functionality
Business segments
Industry verticals
Department
Our services
Solutions for telecoms
See why leading telecoms around the world choose Infobip to transform their network
Create new B2B revenue streams with our omnichannel communications platform
Telecom core & security
Secure your network from SMS and Voice fraud with our firewall that protects 120+ operators
Ensure all A2P SMS traffic is properly charged and eliminate revenue leakage with our SMS Firewall
Community & Resources
Knowledge hub
Title
What is PCI DSS (Payment Card Industry Data Security Standard)?
PCI DSS stands for Payment Card Industry Data Security Standard and is a security standard for companies and organizations that handle credit card information.
The Payment Card Industry Standards Council created it to increase cardholder data security.
The PCI DSS was first released in 2004 after Visa, MasterCard, American Express, Discover, and JCB formed the PCI SSC to conciliate their security policies. Since then, there have been several versions.
What is the difference between PCI DSS and ISO 27001?
PCI DSS is a standard that covers information security of credit cardholders’ information, where ISO/IEC 27001 is a specification for an information security management system.
What are the levels of PCI DSS?
There are four PCI levels, depending on the volume of card transactions your business handles yearly:
- PCI Level 1: Businesses processing over 6 million transactions per year
- PCI Level 2: Businesses processing 1 million to 6 million transactions per year
- PCI Level 3: Businesses processing 20,000 to 1 million transactions per year
- PCI Level 4: Businesses processing less than 20,000 transactions per year
What are the principles of PCI DSS?
The 12 principles of PCI DSS include the following:
- Installing and maintaining a firewall
- Changing passwords and security settings
- Protecting stored cardholder data
- Encrypting cardholders’ data
- Using and updating antivirus programs
- Developing security systems and processes
- Restricting access to cardholders’ data
- Restricting physical access to cardholders’ data
- Identifying and authenticating access to system components
- Tracking and monitoring who accesses networks and cardholders’ data
- Regularly testing systems and processes
- Having a policy on information security
