Certified Payment-Card Industry Security Implementer

Certified Payment-Card Industry Security Implementer (CPISI) is a certification in the field of Payment Card Industry Data Security Standard (PCI DSS).

The Payment Card Industry Security Standards Council (PCI SSC) manages the standard and certifies training organizations. PCI SSC is a collective formed by MasterCard, Visa, American Express, JCB, Wirecard and Discover.

Related Research Articles

Tokenization (data security): Concept in data security

Tokenization, when applied to data security, is the process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token, that has no intrinsic or exploitable meaning or value. The token is a reference that maps back to the sensitive data through a tokenization system. The mapping from original data to a token uses methods that render tokens infeasible to reverse in the absence of the tokenization system, for example using tokens created from random numbers. A one-way cryptographic function is used to convert the original data into tokens, making it difficult to recreate the original data without obtaining entry to the tokenization system's resources. To deliver such services, the system maintains a vault database of tokens that are connected to the corresponding sensitive data. Protecting the system vault is vital to the system, and improved processes must be put in place to offer database integrity and physical security.

The Cardholder Information Security Program (CISP) was a program established by Visa USA in 2001 to ensure the security of cardholder information as it is being processed and stored by merchants and service providers.

PCI may refer to:

Hardware security module: Physical computing device

A hardware security module (HSM) is a physical computing device that safeguards and manages secrets, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.

The Payment Card Industry Data Security Standard is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council, and its use is mandated by the card brands. It was created to better control cardholder data and reduce credit card fraud. Validation of compliance is performed annually or quarterly with a method suited to the volume of transactions:

The payment card industry (PCI) denotes the debit, credit, prepaid, e-purse, ATM, and POS cards and associated businesses.

Fusepoint Managed Services was a provider of managed IT solutions for companies throughout North America. Founded in 1999, Fusepoint grew by over 1,400% within five years and, in 2008, was ranked 46th by PROFIT magazine in a list of Canada's 100 fastest-growing companies. Fusepoint was ranked as the 83rd largest technology company according to Globe's Branham Group. Fusepoint was a privately held company with offices and data centres in Vancouver, Toronto, Montreal and Quebec City. Savvis, Inc acquired Fusepoint in 2010.

The Payment Card Industry Security Standards Council was formed by American Express, Discover Financial Services, JCB International, MasterCard and Visa Inc. on September 7, 2006, with the goal of managing the ongoing evolution of the Payment Card Industry Data Security Standard.

Certified Payment-Card Industry Security Manager (CPISM) is an independent payments industry certification governed by the Society of Payment Security Professionals (commonly known as the SPSP). The CPISM is the de facto certification for payment security professionals. This certification is held by members from diverse backgrounds including Level 1 - 4 Merchants, Acquirers, Issuers, QSAs, Processors, Gateways, Service Providers, and Consultants. All CPISM holders are members of the SPSP.

Qualified Security Assessor (QSA) is a designation conferred by the PCI Security Standards Council on individuals who meet specific information security education requirements, have taken the appropriate training from the PCI Security Standards Council, are employees of a Qualified Security Assessor (QSA) company, an approved PCI security and auditing firm, and will be performing PCI compliance assessments as they relate to the protection of credit card data.

HP Application Security Center (ASC) was a set of technology solutions by HP Software Division. Much of the portfolio for this solution suite came from HP's acquisition of SPI Dynamics. The software solutions enabled developers, quality assurance (QA) teams and security experts to conduct web application security testing and remediation. The security products have been repackaged as enterprise security products from the HP Enterprise Security Products business in the HP Software Division.

Certified Payment-Card Industry Security Auditor (CPISA) is an independent payments industry certification governed by the Society of Payment Security Professionals (commonly known as the SPSP). The CPISA focuses on information technology, information security, and auditing knowledge and skills. This certification is held by members from diverse backgrounds including Level 1 - 4 Merchants, Acquirers, Issuers, QSAs, Processors, Gateways, Service Providers, Consultants, and Auditors. All CPISA holders are members of the SPSP and also hold the CPISM certification.

The Payment Application Data Security Standard (PA-DSS) is the global security standard created by the Payment Card Industry Security Standards Council. PA-DSS was implemented in an effort to provide the definitive data standard for software vendors that develop payment applications. The standard aimed to prevent payment applications developed for third parties from storing prohibited secure data, including magnetic stripe, CVV2, or PIN. In that process, the standard also dictates that software vendors develop payment applications that are compliant with the Payment Card Industry Data Security Standards.

GlobalScape, Inc. (AMEX:GSB) is a software developer headquartered in San Antonio, Texas, United States.

KAL is a company specialising in ATM software for bank ATMs, self-service kiosks, and bank branch networks. All KAL products are multivendor, Windows-compliant and conform to the industry XFS standard. KAL is the world's number two supplier of true multivendor ATM software. KAL supplies its software to major global banks including China Construction Bank, Citibank and UniCredit.

Venafi, Inc. is a privately held cybersecurity company that develops software to secure and protect cryptographic keys and digital certificates. Its enterprise key and certificate management and security products are certificate authority (CA) independent and manage security instruments such as Transport Layer Security (TLS) digital certificates and Secure Shell (SSH) keys. Venafi does not sell encryption and it is not a certificate authority.

Point-to-point encryption (P2PE) is a standard established by the PCI Security Standards Council. Payment solutions that offer similar encryption but do not meet the P2PE standard are referred to as end-to-end encryption (E2EE) solutions. The objective of P2PE and E2EE is to provide a payment security solution that instantaneously converts confidential payment card data and information into indecipherable code at the time the card is swiped, in order to prevent hacking and fraud. It is designed to maximize the security of payment card transactions in an increasingly complex regulatory environment.

iVeri Payment Technologies is a fully remote company registered in Johannesburg, South Africa. Established in 1998, it provides payment technology solutions for physical stores, mobile commerce, and e-commerce. As of today, iVeri serves 13 banks across 19 countries, processing an estimated 400 million transactions annually.

Internal Security Assessor (ISA) is a designation given by the PCI Security Standards Council to eligible internal security audit professionals working for a qualifying organization. The intent of this qualification is for these individuals to receive PCI DSS training so that their qualifying organization has a better understanding of PCI DSS and how it impacts their company. Becoming an ISA can improve the relationship with Qualified Security Assessors and support the consistent and proper application of PCI DSS measures and controls within the organization. The PCI SSC's public website can be used to verify ISA employees.

The Four Corners model, often referred to as the Four Party Scheme, is the most used card scheme in card payment systems worldwide. This model was introduced in the 1990s. It is a user-friendly card payment system based on an interbank clearing system and economic model established on multilateral interchange fees (MIF) paid between banks or other payment institutions.