
PCI DSS Version 4.0
A guide to the payment card industry data security standard
Stephen Hancock (Author)
IT Governance Publishing
Published on 27 February 2024
Book
Paperback/Softback
86 pages
978-1-78778-507-6 (ISBN)
Description
The PCI DSS (Payment Card Industry Data Security Standard) is now on its fourth version. The withdrawal date for v3.2.1 is 31 March 2024. Many organisations around the world - particularly those that fall below the top tier of payment card transaction volumes - are not yet compliant with the new version.
This book:
Explains the fundamental concepts of PCI DSS v4.0;
Is a perfect quick reference guide for PCI professionals, or a handy introduction for people new to the payment card industry; and
Covers the consequences of a data breach and how to comply with the Standard, giving practical insights.
An ideal introduction to PCI DSS v4.0
Organisations that accept payment cards are prey for criminal hackers trying to steal financial information and commit identity fraud. Many attacks are highly automated, searching for website and payment card system vulnerabilities remotely, using increasingly sophisticated tools and techniques.
This guide will help you understand:
How you can comply with the requirements of the Standard;
The PCI DSS and ISO/IEC 27001:2022;
PTS (PIN Transaction Security); and
P2PE (Point-to-point encryption).
More details
Language
English
Place of publication
Ely
United Kingdom
Target group
Professional and scholarly
Dimensions
Height: 198 mm
Width: 129 mm
Thickness: 6 mm
Weight
149 gr
ISBN-13
978-1-78778-507-6 (9781787785076)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Other editions

E-Book
02/2024
1st Edition
IT Governance Publishing
€19.49
Available for download

E-Book
02/2024
1st Edition
IT Governance Publishing
from
€19.95
Available for download
Person
Stephen Hancock is a highly experienced cyber security consultant and auditor. He has been a PCI Qualified Security Assessor for more than 10 years. He has advised on PCI DSS and conducted assessments internationally for many clients ranging from multinational retailers to start-up fintech companies and payment service providers. Stephen has been involved in developing and delivering training courses for PCI DSS and ISO 27001, and holds a number of information security qualifications.
Content
Chapter 1: What is the Payment Card Industry Data Security Standard (PCI DSS)?
Chapter 2: High-profile cardholder breaches
Chapter 3: What is the scope of the PCI DSS?
Chapter 4: Compliance and compliance programmes
Chapter 5: Consequences of a breach
Chapter 6: How do you comply with the requirements of the Standard?
Chapter 7: Maintaining compliance
Chapter 8: PCI DSS - the Standard
Chapter 9: Aspects of PCI DSS compliance
Chapter 10: The PCI self-assessment questionnaire (SAQ)
Chapter 11: Procedures and qualifications
Chapter 12: The PCI DSS and ISO/IEC 27001
Chapter 13: The Software Security Framework
Chapter 14: PIN Transaction Security (PTS)
Chapter 15: Point-to-point encryption (P2PE)
Chapter 16: Software-based PIN entry on commercial off-the-shelf (COTS) devices
Further reading