- It is the duty of your company and your employees to understand what payment card data is, how to keep it safe and maintain its integrity, and what to do in the event of a disclosure or a security breach.
- The Payment Card Industry Data Security Standard is a set of 12 requirements designed to ensure that all companies that process, store, or transmit payment card information, keep data protected and secure.
- Our interactive, engaging PCI-DSS training course teaches the 12 requirements, but, more importantly, gives the learner the opportunity to apply them to real-life situations and put them into practice.
Seamless playback and tracking on iPhone, Android, tablet and desktop devices
Easy to add your own content
Single enterprise license covers your entire workforce, including contractors
Available in 20+ languages, with training resources for local regional regulations
WHAT IS PCI DSS?
- Video: PCI DSS protects payment card data. Maintains customer trust and safeguards our reputation.
- Interactive Screen: Overview of the 12 PCI DSS requirements designed to protect cardholder data.
- Scenario: Consequences of a security breach leading to the theft of payment card information.
- Key Learning: All merchants must adhere to the PCI DSS. Under inspection, if a merchant fails to meet the PCI DSS, they could face litigation, fines, and removal or reduction in services from the payment card company.
- Scenario: Protecting cardholder data.
- Key Learning: Heavy fines and penalties are common for merchants, small or large, who fail to meet PCI DSS.
SENSITIVE DATA & VULNERABLE AREAS
- Interactive Screen: Merchant-based vulnerabilities may appear almost anywhere in the card-processing system. Real-life examples of how to protect cardholder data.
- Scenario: Identifying the possible causes of a data breach.
- Key Learning: Retailers are responsible for maintaining security of the payment card transaction environment. This includes ensuring that computers, networks, and passwords are secure.
- Scenario: Identify how to prevent breaches.
- Key Learning: Storing cardholder data provides opportunities for criminals to steal data. Records should be stored only when necessary and destroyed as soon as possible.
HANDLING AND STORING DATA
- Interactive Screen: The importance of ensuring payment card data doesn’t fall into the wrong hands. Real-life examples of how to handle and store payment card data.
- Scenario: Ensuring the security of cardholder data.
- Key Learning: Transaction information may only be kept for the required length of time, as per the card issuer’s terms and conditions. It is necessary to destroy all digital and hard-copy records as soon as they are no longer needed.
- Scenario: Identifying ways to ensure network security.
- Key Learning: Data must only be stored when absolutely necessary and only for as long as is required. Noncompliance can result in fines and penalties from the payment brands and can be catastrophic to a business.
- Scenario: Sending payment cards from one location to another.
- Key Learning: When sending high-value goods like credit or payment cards, you should only use a delivery method that has been approved by the company.
- Scenario: Consequences of cardholder data falling into the wrong hands.
- Key Learning: Loss of entitlement to accept payment cards, and this could destroy our business. Huge fines for each instance of payment card data that’s compromised.
- Interactive Screen: Guidance on preventing breaches.
- Scenario: Consequences of failing to mask PANs in a spreadsheet sent to another department.
- Key Learning: Storing and disseminating payment card data in any format – handwritten, in a document or spreadsheet, an email, memory stick, or any other method – reduces the security of the data and renders it vulnerable to a breach.
- Scenario: What types of data can be stored?
- Key Learning: In general, no cardholder data should ever be stored unless it’s necessary to meet the needs of the business. Cardholder name, service code, expiration date, and PAN can be stored under special circumstances, as long as it’s encrypted.
- Scenario: Identify possible causes of a network breach.
- Key Learning: If payment card data is processed on our computer network in any way, for example, at checkouts, online transactions, or through telephone activity, the whole network and premises must be secured to prevent unauthorized access.
SOME OF OUR VALUED CLIENTS
|VISA||BNP PARIBAS||BRISTOL-MYERS SQUIBB||KFC||UBS|