PCI DSS Version 4.0: A Guide to The Payment Card Industry Data Security Standard

36m
Stephen Hancock
IT Governance
2024

An ideal introduction to PCI DSS v4.0

Organisations that accept payment cards are prey for criminal hackers trying to steal financial information and commit identity fraud. Many attacks are highly automated, searching for website and payment card system vulnerabilities remotely, using increasingly sophisticated tools and techniques. When a vulnerability is discovered, an attack can start – with the management and staff of the target organisation unaware of what is going on.

PCI DSS exists to ensure that organisations process credit and debit card payments in a way that effectively protects cardholder data.

This guide will help you understand how:

The PCI DSS;
You can comply with the requirements of the Standard;
The PCI DSS and ISO/IEC 27001:2022;
PTS (PIN Transaction Security); and
P2PE (Point-to-point encryption).

About the Author

Stephen Hancock is a highly experienced cyber security consultant and auditor. He has been a PCI Qualified Security Assessor for more than 10 years. He has advised on PCI DSS and conducted assessments internationally for many clients ranging from multinational retailers to start-up fintech companies and payment service providers. Stephen has been involved in developing and delivering training courses for PCI DSS and ISO 27001, and holds a number of information security qualifications.

In this Book

Foreword
What is the Payment Card Industry Data Security Standard (PCI DSS)?
High-Profile Cardholder Breaches
What is the Scope of the PCI DSS?
Compliance and Compliance Programmes
Consequences of a Breach
How Do You Comply with the Requirements of the Standard?
Maintaining Compliance
PCI DSS – The Standard
Aspects of PCI DSS Compliance
The PCI Self-Assessment Questionnaire (SAQ)
Procedures and Qualifications
The PCI DSS AND ISO/IEC 27001
The Software Security Framework (SSF)
PIN Transaction Security (PTS)
Point-to-Point Encryption (P2PE)
Software-Based PIN Entry on Commercial Off-the-Shelf (COTS) Devices
Further Reading

FREE ACCESS

Course CompTIA Cybersecurity Analyst+: Data Security Standards

(1)

Course CompTIA Cybersecurity Analyst+: Cryptography

(4)

Course Information Security for Leaders: Elements of InfoSec

(5)

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Not included: Compliance, Leadership Development Program content, and Engineering books

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

IT Skills & Salary Report

ESG Impact Report

PCI DSS Version 4.0: A Guide to The Payment Card Industry Data Security Standard

In this Book

YOU MIGHT ALSO LIKE