Security Basics mailing list archives
PCI compliance questions
From: Abo Sous <abussous () gmail com>
Date: Wed, 22 Apr 2009 13:01:54 +0300
Hello list, I'm going through some PCI material, and i have the following questions please: 1- Details on what’s considered as sensitive data and what’s not: from a Merchant perspective is provided by Visa on page of https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf; however, i could not find any as for the Acquirer/Issuer/Service Provider perspective; any pointers? 2- what are the deadlines/fines for non compliance, for Merchants/Acquirers/Issuers/Service Providers respectively? 3- being an issuer/acquirer (bank for ex), am i required to comply with PCI DSS? if so, what are the requirements? Thanks, -A/S. ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------
Current thread:
- PCI compliance questions Abo Sous (Apr 22)
- Re: PCI compliance questions Adam Pal (Apr 24)
- Re: PCI compliance questions Mark Loeser (Apr 24)
- Re: PCI compliance questions Jason (Apr 24)
- <Possible follow-ups>
- Re: PCI compliance questions no (Apr 24)
- Re: PCI compliance questions sfmailsbm (Apr 24)