Domainmonster.com Domain Editorials
PCI DSS – Credit Card Security
PCI DSS stands for Payment Card Industry Data Security Standard. This is a standard which was developed by the major credit card companies – MasterCard, Visa, Discover and American Express – as a guideline to help vendors to process credit card transactions without fear of illegal or fraudulent activities threatening the security of their customers' details.
As of this year, PCI compliance is a legal requirement for any company that processes, stores or transmits credit card numbers; a company that does not comply risks losing its ability to process these transactions. Companies can, if they wish, ask for an audit which, if the company passes, results in PCI certification, but this is not a necessary step; companies merely need to ensure that they are, in fact, following the guidelines laid down in the PCI DSS.
There are twelve "control objectives" laid out in the PCI DSS:
Build and Maintain a Secure Network
- Requirement 1: Install and maintain a firewall configuration to protect cardholder data
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
- Requirement 3: Protect stored cardholder data
- Requirement 4: Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
- Requirement 5: Use and regularly update anti-virus software
- Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
- Requirement 7: Restrict access to cardholder data by business need-to-know
- Requirement 8: Assign a unique ID to each person with computer access
- Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
- Requirement 10: Track and monitor all access to network resources and cardholder data
- Requirement 11: Regularly test security systems and processes
Maintain an Information Security Policy
- Requirement 12: Maintain a policy that addresses information security
TK Maxx fell foul of hackers in March 2007, when over 45 million credit card numbers were stolen. The PCI DSS hopes to combat incidents such as these, which pose a serious threat to the security of shoppers, both online and in bricks-and-mortar shops.
By Iain Ford

