PCI Data Security Standard
The enormous popularity of using the web to shop and transact business is largely due to the ease of serving a broad range of customers with low-cost systems. Any organization, large or small, with something to sell can quickly and easily develop a web application to present its merchandise, collect payment and ship directly from inventory.
The success of e-Commerce is largely dependent upon trust—customers trust that organizations using web applications to collect and store sensitive information such as credit card numbers and personal data have adequate security measures in place. Unfortunately, in the rush to derive revenue from the global online marketplace, speed to market often takes precedence over securing web application code. Business management overrides IT security policies at the peril of the customers it wishes to serve.
In December of 2004, the Payment Card Industry (PCI) Data Security Standard (DSS) was adopted by all the major credit card companies, including Visa, MasterCard, American Express, Discover and JCB. In June 2006, PCI released v1.1 of the DSS, which includes mandatory scanning of all code for security flaws, or deployment of a web application firewall, by mid-2008.
Free White Paper: The PCI 6.6 Deadline Is Approaching: What You Need to Know