
Author – Swati Sharma
This blog provides an overview of the challenges that e-commerce merchants face in meeting Payment Card Industry Data Security Standard (PCI DSS) compliance requirements, as well as key recommendations for addressing those challenges. With Internet usage increasing across the globe, e-commerce sales reached $1.471 trillion in 2014 and are estimated to reach $2.356 trillion by 2018.
Problem/ Challenges | Implementation Tip |
---|---|
1. Hashing: when card numbers are stored for comparison purposes, such as comparing an entered card number against blacklisted cards.
2. Encryption: when clear-text card numbers are required to perform an operation, such as an 'express checkout' service.
3. Truncation: when the full card number is not required and the first 6 and last 4 digits of the PAN, together with other parameters, are sufficient to identify a particular entry, as in MIS reporting.
4. Tokenization: when applications and systems can perform their operations with tokens instead of the actual card.
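The hashing, truncation and tokenization cases from the list above, as an added Python sketch that is not from the original post. The HMAC key, the in-memory `TokenVault` class and the test card number are constructed assumptions; encryption is left out because it needs a third-party cipher library.

```python
import hashlib
import hmac
import secrets

# Constructed demo values (assumption: a real key lives in a KMS/HSM).
HASH_KEY = b"demo-key-not-for-production"
TEST_PAN = "4111111111111111"  # well-known test card number


def normalize(pan: str) -> str:
    """Strip spaces and dashes; reject anything that is not 13-19 digits."""
    digits = pan.replace(" ", "").replace("-", "")
    if not (digits.isascii() and digits.isdigit() and 13 <= len(digits) <= 19):
        raise ValueError("not a valid PAN format")
    return digits


def pan_fingerprint(pan: str, key: bytes = HASH_KEY) -> str:
    """Hashing: keyed HMAC-SHA256 so stored values can only be compared."""
    return hmac.new(key, normalize(pan).encode(), hashlib.sha256).hexdigest()


def is_blacklisted(pan: str, blacklist: set[str]) -> bool:
    """Match an entered card against stored fingerprints, never clear text."""
    fp = pan_fingerprint(pan)
    return any(hmac.compare_digest(fp, entry) for entry in blacklist)


def truncate(pan: str) -> str:
    """Truncation: keep first 6 and last 4 digits, mask the rest (reports)."""
    d = normalize(pan)
    return d[:6] + "*" * (len(d) - 10) + d[-4:]


class TokenVault:
    """Tokenization: hypothetical in-memory stand-in for a token vault.
    A real vault would hold the PAN encrypted and sit in its own segment."""
    def __init__(self) -> None:
        self._by_token, self._by_fp = {}, {}

    def tokenize(self, pan: str) -> str:
        fp = pan_fingerprint(pan)
        if fp not in self._by_fp:  # same card always maps to the same token
            token = "tok_" + secrets.token_hex(12)  # random, not derived from PAN
            self._by_fp[fp] = token
            self._by_token[token] = normalize(pan)
        return self._by_fp[fp]

    def detokenize(self, token: str) -> str:
        return self._by_token[token]
```

A keyed hash is used here because an unkeyed hash of a card number can be brute-forced once the first 6 and last 4 digits are known, so truncated and hashed forms of the same PAN should not be stored side by side.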
Author – Swati Sharma, CISSP, PCI QSA, CISM, ISO 27001 LA, MS-Information Security