Resources for Federal Financial Institutions Examination Council (FFIEC)

In compliance with government data regulations

www.merinews.com

Providing protection for credit card information travelling over the Internet has always been a smart practice for the sake of all parties involved. Now, because of PCI DSS, it is not only smart, but mandatory.THIS WHITE paper explores these standards and regulations—some firmly in place, some emerging, others in the formative stage—and describes the recommendations or requirements they impose for using encryption and related technologies. The reader should bear in mind that this area is a fast-moving target. Today’s recommendations are tomorrow’s requirements, and new standards are arising all the time. There are many ways to steal credit card numbers, but scavenging through garbage cans in search of receipts has given way in recent years to intercepting transmissions between customers making online purchases and their suppliers—a method that is much easier, not to mention cleaner. Since using credit for payment is a very popular way for commerce to be conducted online, the buyer’s credit card number must at some point be transmitted electronically to the seller; and if it is unencrypted or inadequately encrypted, stealing it can be easy.

View the Resource

Share or bookmarklet this web page at: