Payment Card Industry Data Security Standards (PCI DSS)

Course at a glance

  • 20 Minutes
  • English
  • 80% Pass Rate Required

About the course

In the modern world of technology, system hacks, data leaks, identity theft and fraud can easily happen to those who fail to keep their systems secure.

If your business accepts credit or debit card payments, you must keep your customers’ card information safe and report any security breaches that might compromise sensitive data.

It’s not only a matter of maintaining customers’ trust and loyalty; it is also a legal requirement.

This course will help you understand the basics of the PCI security standards and how to comply with them.

The course covers the new PCI DSS V.3 Standard, which came into full effect in April 2016. The standard places increased emphasis on employee training and demands that all organisations provide annual employee PCI awareness training.

Key Insights

What is PCI DSS and who needs to comply?

It is a set of clear procedures and controls put in place for all companies that accept, process, store and transmit credit and debit card information. It ensures the secure handling of customer data and funds.

Responsibilities

Employers are responsible for putting in place suitable security controls that safeguard sensitive information such as cardholder data (CHD) and sensitive authentication data (SAD) in both electronic and paper form.

As an employee, you are responsible for proper data handling, including accessing, sharing, transmission and disposal of sensitive cardholder data, to protect it from unauthorised access by third parties.

Vulnerabilities

There are two basic types of vulnerabilities that can threaten the security system in your workplace.

PCI DSS goals and requirements

There are six main goals to ensure minimum data security. Their main focus is on protecting cardholder data, maintaining a secure IT network and regularly monitoring the system for vulnerabilities.

Card transaction risks

Any sale devices and systems that capture and process card transactional data can be attacked, leading to the loss of cardholder data.

Keeping F2F payments secure

Be vigilant and careful when accepting and processing card payments.

Taking payments over the phone

Check the relevant phone for signs of tampering, bugging, or any additional wires that weren’t there before.

Protecting customer data while transferring information

If you are emailing sensitive information, make sure you encrypt it.

Security tips

Maintain a clear desk policy and don’t leave documents with sensitive information lying on your desk or anywhere an unauthorised person may access them.

Who is it for?

The course is aimed at anyone processing, storing or transmitting payment card data, from large organisations to small, local businesses. It is particularly relevant for the following job roles: merchants, acquirers, customer service teams, administrators, executives, managers, IT specialists, developers, contractors and third-party service providers.

Course Format

This ‘Environmental Awareness summary course’ is not intended to be a comprehensive guide, but rather a general overview of key environmental awareness topics, focusing on the most common issues.

The course uses animated explainer videos to cover the key topics so you can learn in a fun and engaging way. It includes knowledge checks throughout to ensure learners demonstrate they have understood the key learning outcomes.