Payment Card Industry Data Security Standards (PCI DSS)
Course at a glance
- 20 Minutes
- 80% Pass Rate Required
About the course
In the modern world of technology, system hacks, data leaks, identity thefts and frauds can easily happen to those who fail to keep their systems secure.
If your business accepts credit or debit card payments, you must keep your customers' card information safe and report any security breaches that might compromise sensitive data.
It's not only a matter of maintaining customers' trust and loyalty; it is also a legal requirement.
This course will help you understand the basics of the PCI security standards and how to comply with them.
The course covers the new PCI DSS V.3 Standard, which came into full effect in April 2016. The standard places increased emphasis on employee training and demands that all organisations provide annual employee PCI awareness training.
What is PCI DSS and who needs to comply?
PCI DSS is a set of clear procedures and controls put in place for all companies that accept, process, store and transmit credit and debit card information. It ensures the secure handling of customer data and funds.
Employers are responsible for putting in place suitable security controls that safeguard sensitive information such as cardholder data (CHD) and sensitive authentication data (SAD) in both electronic and paper form.
As an employee, you are responsible for proper data handling, including accessing, sharing, transmission and disposal of sensitive cardholder data, to protect it from unauthorised access by third parties.
There are two basic types of vulnerabilities that can threaten the security system in your workplace.
PCI DSS goals and requirements
There are six main goals to ensure minimum data security. Their main focus is on protecting cardholder data, maintaining a secure IT network and regularly monitoring the system for vulnerabilities.
Card transaction risks
Any sale devices and systems that capture and process card transactional data can be attacked, leading to the loss of cardholder data.
Keeping F2F payments secure
Be vigilant and careful when accepting and processing card payments.
Taking payments over the phone
Check the relevant phone for signs of tampering, bugging, or any additional wires that weren't there before.
Protecting customer data while transferring information
If you are emailing sensitive information, make sure you encrypt it.
Maintain a clear desk policy and don't leave documents with sensitive information lying on your desk or somewhere that an unauthorised person may access them.
Who is it for?
The course is aimed at anyone processing, storing or transmitting payment card data, from large organisations to small, local businesses. It is particularly relevant for the following job roles: merchants, acquirers, customer service teams, administrators, executives, managers, IT specialists, developers, contractors and third-party service providers.
This Environmental Awareness summary course is not intended to be a comprehensive guide, but rather a general overview of key environmental awareness topics, focusing on the most common issues.
The course uses animated explainer videos to cover the key topics so you can learn in a fun and engaging way. It includes knowledge checks throughout to ensure learners demonstrate they have understood the key learning outcomes.