The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit, debit and prepaid cards from the major card schemes (Visa, Master, JCB, American Express & Discover). The PCI Standard is administered by the Payment Card Industry Security Standards Council; in the UAE, it is mandated by CBUAE.
The PCI DSS specifies and elaborates on six major objectives:
1. A secure network must be maintained in which transactions can be conducted. This requirement involves the use of firewalls that are robust enough to be effective without causing undue inconvenience to cardholders or vendors. Specialized firewalls are available for wireless LANs, which are highly vulnerable to eavesdropping and attacks by malicious hackers. In addition, authentication data such as personal identification numbers (PINs) and passwords must not use vendor-supplied defaults. Customers should be able to change such data conveniently and frequently.