Best Practices for Maintaining IBM i PCI DSS Compliance
Maintaining PCI DSS compliance is critical for businesses that handle payment card transactions.
If your business processes, stores, or transmits credit or debit card transactions, you’re a prime target for cybercrime. Thieves can steal credit card information by hacking into a company’s system and downloading payment card data – either while it’s actively being used in a transaction or while it’s at rest in storage.
To add insult to injury, data breaches can go undetected for months or years. For example, in April of 2018, a large global retailer announced a data breach involving 5 million customers’ payment card information, and the breach wasn’t discovered for nearly a year.
Besides the damage to consumers, the costs and consequences of payment card theft for the business are severe. Ponemon Institute reports that the average cost of each stolen record is $148; by that estimate, the breach would have cost the retailer $740 million.
To protect consumers from fraud resulting from data theft, the five founding global payment brands – American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc – established a set of industry rules called the Payment Card Industry Data Security Standard (PCI DSS).
PCI DSS and other information to help you plan for compliance audits are available for download from the PCI Security Standards Council web site at www.pcisecuritystandards.org.
The process can be confusing for companies preparing for a PCI DSS compliance audit. This eBook is intended to provide tips for achieving PCI DSS compliance by protecting payment card information in IBM i systems.