Below is a snippet, and a link to a full article which goes into some depth to explain this. What's not in the article is the requirement to keep credit card data on a separate server - but this is how it is being applied in practice:
The devil is in the detail, some of which is listed in the full article:Payment Card Industry Data Security Standard
Build and Maintain a Secure NetworkRequirement
1: Install and maintain a firewall configuration to protect data Requirement
2: Do not use vendor-supplied defaults for system passwords and other security parameters Protect Cardholder Data Requirement
3: Protect stored dataRequirement
4: Encrypt transmission of cardholder data and sensitive information across public networksMaintain a Vulnerability Management Program Requirement
5: Use and regularly update anti-virus softwareRequirement
6: Develop and maintain secure systems and applicationsImplement Strong Access Control Measures Requirement
7: Restrict access to data by business need-to-knowRequirement
8: Assign a unique ID to each person with computer accessRequirement
9: Restrict physical access to cardholder dataRegularly Monitor and Test NetworksRequirement
10: Track and monitor all access to network resources and cardholder dataRequirement
11: Regularly test security systems and processes.Maintain an Information Security PolicyRequirement
12: Maintain a policy that addresses information
http://64.233.183.104/search?q=cache...k&ct=clnk&cd=1
And this quote from Protx:
VgerRecently Visa, MasterCard and other major card schemes have introduced security audits to ensure that all merchants who collect credit card data comply with strict guidelines surrounding the collection and storage of credit card data.
VSP Direct merchants collect credit card data on their own website and will be asked by their bank to undergo an audit to ensure that data is kept secure at all times.
Alternatively, if you do not wish to undergo such an audit, then you can outsource the collection of credit card data to Protx, by using VSP Form or VSP Server.
Results 1 to 10 of 118
Threaded View
-
25 Sep 2006, 10:30 PM #11
Past Contributor
- Join Date
- Nov 2004
- Location
- Norfolk, United Kingdom
- Posts
- 3,036
- Plugin Contributions
- 2
Re: NEW! Ceon Manual/Offline Card Payment Module v1.0.0!
Similar Threads
-
Ceon Manual Card Payment Module v4
By conor in forum Addon Payment ModulesReplies: 87Last Post: 7 Apr 2021, 04:44 PM -
Ceon Manual Card Payment Module v2.0.0!
By conor in forum Addon Payment ModulesReplies: 243Last Post: 30 Mar 2017, 08:58 PM -
Ceon Manual Card Payment Module v3.0.0
By conor in forum Addon Payment ModulesReplies: 136Last Post: 15 Nov 2012, 06:36 PM -
Ceon manual card module - cc error leads to page not found
By jenniesummitreks in forum Addon Payment ModulesReplies: 2Last Post: 16 Sep 2009, 09:28 PM -
Re: Ceon Manual/Offline Card Payment Module v1.0.0!
By wizarddave in forum Addon Payment ModulesReplies: 0Last Post: 2 Jan 2008, 05:13 PM
Bookmarks