Friday, 18 July 2014

A developer's guide to complying with PCI DSS 3.0 Requirement 6

I have written the following article for IBM, which was published on IBM's DeveloperWorks:
A developer's guide to complying with PCI DSS 3.0 Requirement 6 (website)

A developer's guide to complying with PCI DSS 3.0 Requirement 6 (PDF)

The Payment Card Industry Data Security Standard (PCI DSS) is a highly prescriptive technical standard aimed at protecting debit and credit card details, referred to within the payments industry as cardholder data. The objective of the standard is to prevent payment card fraud by securing cardholder data within organizations that either accept card payments or are involved in the handling of cardholder data. PCI DSS consists of 12 sections of requirements, and responsibility for compliance usually rests with IT infrastructure support. PCI DSS requirement 6, however, breaks down into 28 individual requirements and sits squarely with the software developers who build applications that process, store, and transmit cardholder data. PCI compliance revolves heavily around IT services. IT-focused compliance managers tasked with achieving compliance within organizations often lack the software development knowledge and experience needed to help assure that application development meets the arduous requirements of PCI DSS.

7 comments:

business phone lines said...

If your business needs between 2 and 8 voice lines, then is what you need, if you need 8 lines or more then ISDN30 is a better option.

Iftekhar Ahmed said...

Glad to read your post :). It is very informative!

Christina said...

Very valuable post, I read the whole story when I started reading it.

Bipasha said...

I appreciate your blog post, beautifully expressed and well written.

sanam arzoo said...

I really love reading and following your post as I find them extremely informative and interesting. This post is equally informative as well as interesting. Thank you for information you have been putting on making your site such an interesting. Software Development Company

PCI QSA TALK said...

Dave, I enjoy your posts on PCI. Would love for you to participate on my PCI QSA Discussion site. www.pciqsatalk.com

James Martin said...

From this blog, I learn every function of PCI DSS 3.0. This is the best post for understanding the functions of this tool.
web application development services