IT Specialist & Developer
IT Specialist Personal Blog, Specialized in Information Security, Compliance, Business Development, and Active Software Developer
-
Does PCI-DSS really protect card holder data?
The ultimate goal of the PCI-DSS compliance controls is to protect cardholder data, or what the standard calls the PAN (Primary Account Number).
Why does it focus so heavily on the PAN? The simple answer: the PAN is the parameter directly required to perform offline (card-not-present) transactions!
-
PCI-DSS is a work style
PCI-DSS is one of the most respected compliance requirements for financial institutions; being PCI-DSS compliant is currently one of the major features that products advertise.
Every financial institution I know is either fully PCI-DSS compliant or engaged in becoming compliant. However, getting the certificate is not the end of the story. Although PCI-DSS mandates a review process that depends on the control types, those reviews are not enough to maintain concrete compliance with PCI-DSS.