PCI Security Standards Council

	Casino Articles
PCI Security Standards Council By: Joan Peppin, Friday April 2nd 2010 2 Comments Email Print Payment by cards is still the preferred option at online casinos. The cards include credit cards, debit cards and prepaid cards. Most online casino players take for granted the security offered by the cards industry without ever becoming aware of the tremendous effort being made on a continuous basis in this regard by the industry. This article highlights some of the steps being taken so that players who use cards to deposit funds are more comfortable doing so. The combined cards industry is referred to as the Payment Card Industry or PCI. The PCI has instituted a Security Standards Council. This was done by leaders in the industry like American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. The mission of the Security Standards Council is the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. The Security Standards Council has formulated a comprehensive set of requirements that all cards providers are expected to incorporate in their systems. These requirements are known as PCI Data Security Standard or PCI DSS for short. The PCI DSS is not a static document. New payment security risks keep emerging as those involved in hacking through the security network overcome existing barriers. Therefore in order to mitigate these risks and even preempt actions by the hackers, the Security Standards Council enhances the requirements contained in the PCI DSS. The Advisory Board of the Security Standards Council and other key stakeholders are consulted and provide inputs during the review and up gradation of the PCI DSS. The PCI DSS is broken up into six sections each revolving around a specific principle. Requirements have been formulated as to how these principles are to be enforced. The first principle involves building and maintaining a secure network. The providers of the cards services are required to install and maintain a firewall configuration to protect cardholder data. Some components of the system may be outsourced from vendors. It is essential that the vendor-supplied defaults for system passwords and other security parameters are not continued but are changed immediately. This is to prevent anyone from the vendor organization accessing the system. The next principle is to protect cardholder data. The protection is required in two instances. The data has to be protected while it is stored on the servers. It also has to be protected while transmission across open, public networks. Encryption protocols are used to protect the data during transmission. As mentioned earlier, the system is likely to come under threat from hackers. Therefore it is essential to maintain a vulnerability management program. One of the key requirements of such a program is the use of anti-virus software, which is regularly updated. There is a need to implement a strong access control system. For this the physical access and the electronic access to the cardholder data must be restricted. Personnel who are allowed access must be assigned a unique ID so that their transactions can be traced back. In fact there must be a system in place that tracks and monitors all access to cardholder data. Finally there needs to be an information security policy. There is a system for testing the compliance of the different cards offered in the industry against the above principles and requirements. Based on the fulfillment of the requirements the level of compliance is certified by the Security Standards Council. Therefore those players who still fear using credit, debit or prepaid cards at online casinos should rest assured that the industry is seized of the issue and is taking all possible steps to prevent misuse. Article Tools Email Print Digg Del.icio.us StumbleUpon Comments Add Comment Comment by: jerrybrown On: April 13, 2010 Knowing that you're playing at casinos that are secure is key IMHO in ensuring that the whole idea of security as related to gambling and the internet is kept in tact. Comment by: Alison Pravda On: April 05, 2010 It's key for networks to be PCI certified I beleive. From my expereince it's shown to be key in ensuring that no data pertaining to credit cards or other personal information is ever stolen by hackers. Or at least is a great preventative measure as they have all the right security protocols in place. Add Comment You must be signed-in to add a comment: - Sign-in - Register More Articles Chinese New Year Online Slot The Fantastic Sinbad Slot Game Romeo And Juliet In Online Slots Usher The New Year With Fluo Party Valkyrie Online Slot From Elk Top of Page

Casino Articles

PCI Security Standards Council

By: Joan Peppin, Friday April 2nd 2010

Payment by cards is still the preferred option at online casinos. The cards include credit cards, debit cards and prepaid cards. Most online casino players take for granted the security offered by the cards industry without ever becoming aware of the tremendous effort being made on a continuous basis in this regard by the industry. This article highlights some of the steps being taken so that players who use cards to deposit funds are more comfortable doing so.

The combined cards industry is referred to as the Payment Card Industry or PCI. The PCI has instituted a Security Standards Council. This was done by leaders in the industry like American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. The mission of the Security Standards Council is the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.

The Security Standards Council has formulated a comprehensive set of requirements that all cards providers are expected to incorporate in their systems. These requirements are known as PCI Data Security Standard or PCI DSS for short. The PCI DSS is not a static document. New payment security risks keep emerging as those involved in hacking through the security network overcome existing barriers. Therefore in order to mitigate these risks and even preempt actions by the hackers, the Security Standards Council enhances the requirements contained in the PCI DSS. The Advisory Board of the Security Standards Council and other key stakeholders are consulted and provide inputs during the review and up gradation of the PCI DSS. The PCI DSS is broken up into six sections each revolving around a specific principle. Requirements have been formulated as to how these principles are to be enforced.

The first principle involves building and maintaining a secure network. The providers of the cards services are required to install and maintain a firewall configuration to protect cardholder data. Some components of the system may be outsourced from vendors. It is essential that the vendor-supplied defaults for system passwords and other security parameters are not continued but are changed immediately. This is to prevent anyone from the vendor organization accessing the system. The next principle is to protect cardholder data. The protection is required in two instances. The data has to be protected while it is stored on the servers. It also has to be protected while transmission across open, public networks. Encryption protocols are used to protect the data during transmission.

As mentioned earlier, the system is likely to come under threat from hackers. Therefore it is essential to maintain a vulnerability management program. One of the key requirements of such a program is the use of anti-virus software, which is regularly updated. There is a need to implement a strong access control system. For this the physical access and the electronic access to the cardholder data must be restricted. Personnel who are allowed access must be assigned a unique ID so that their transactions can be traced back. In fact there must be a system in place that tracks and monitors all access to cardholder data. Finally there needs to be an information security policy.

There is a system for testing the compliance of the different cards offered in the industry against the above principles and requirements. Based on the fulfillment of the requirements the level of compliance is certified by the Security Standards Council. Therefore those players who still fear using credit, debit or prepaid cards at online casinos should rest assured that the industry is seized of the issue and is taking all possible steps to prevent misuse.

Article Tools

Email Print Digg Del.icio.us StumbleUpon

Comments

Add Comment

Comment by: jerrybrown On: April 13, 2010
Knowing that you're playing at casinos that are secure is key IMHO in ensuring that the whole idea of security as related to gambling and the internet is kept in tact.

Comment by: Alison Pravda On: April 05, 2010
It's key for networks to be PCI certified I beleive. From my expereince it's shown to be key in ensuring that no data pertaining to credit cards or other personal information is ever stolen by hackers. Or at least is a great preventative measure as they have all the right security protocols in place.

Add Comment

You must be signed-in to add a comment: - Sign-in - Register

Chinese New Year Online Slot

The Fantastic Sinbad Slot Game

Romeo And Juliet In Online Slots

Usher The New Year With Fluo Party

Valkyrie Online Slot From Elk

Top of Page

	Article Categories
Gambling Law (13) Beginners Guide (381) Casino Bonus (41) Casino Banking (39) Getting Started (73) Casino Software (149) Casino Games (643) Slots (331) Blackjack (94) Video Poker (55) Roulette (36) Craps (19) Baccarat (19) Caribbean Stud (12) Pai Gow Poker (8) Sic Bo (7) Keno (12)

	RSS & XML Feeds
Subscribe to our Articles Feed Below: RSS 0.91 RSS 2.0 ATOM

Top 10 Ranked Online Casinos

Casino Name
Jackpot City
EuroPalace
Roxy Palace
All Slots
Platinum Play
Royal Vegas
Gaming Club
Ruby Fortune
Spin Casino
Casino Splendido

More Top Rated Online Casinos

Casino > Casino Articles > Casino Banking > PCI Security Standards Council