Sunday, June 9, 2019
Financial Regulation & Supervision Essay Example | Topics and Well Written Essays - 2250 words
Financial Regulation & Supervision - Essay Example

These regulations not only protect the firms involved in online transactions but also the cardholders from being exploited by online fraud. Such compliance requirements have posed new challenges as to how to minimize compliance costs and continuously monitor the security systems to stay ahead of web criminals. Nevertheless, the benefits seem to surpass the costs associated with these regulations.

Table of Contents: Executive Summary; Table of Contents; Introduction; Facts of the Case; Andrews Options with Bank; Advantages of PCI DSS Compliance Advisor; Conclusion; References; Bibliography

Introduction

A few years back, fraud in payment cards was conducted by small-time criminals who took advantage of opportunities as they came along. Today, however, it has become a well organized crime in which sensitive customer information is stolen and ruthlessly exploited, impacting millions of cardholders and retail businesses. Considering this, the PCI DSS was introduced. PCI refers to Payment Card Industry and DSS to Data Security Standard (Carpenter, 2010). ... ember 2006 for the management and development of PCI security standards to improve payment account security in the transaction process (PCI Compliance Guide, n.d.). PCI SSC was formed by major credit card brands like VISA, American Express, MasterCard, JCB and Discover (Kim and Solomon, 2010, p.395). These brands and their acquirers are responsible for the enforcement of compliance with the standards. All the merchant companies that process, transmit and store cardholder data should be PCI DSS compliant.

There are three steps in adherence to the standards:

1. Assess: This involves identification of cardholder data and an inventory of business processes and IT assets, along with an analysis of vulnerabilities in the security system for potential cardholder data exposure.
2. Remediate: Do not store cardholder data unless necessary, and fix the vulnerabilities identified in step 1.
3. Report: Compilation and submission of the required validation records and compliance report to the acquiring bank and the payment card company (Hart et al, 2010, p.357).

There are four merchant levels:

Level 1: The level 1 merchant has aggregate yearly online transactions of more than six million and has been subject to a cardholder data breach or poses significant risk. They are required to have an onsite audit every year by a Qualified Security Assessor and a quarterly network security scan by an Approved Scanning Vendor (Bradley, 2007, p.209).

Level 2: The level 2 merchant has annual aggregate transactions between one million and six million. They should submit the PCI DSS self-assessment questionnaire on an annual basis and have network scans conducted every three months by an Approved Scanning Vendor.

Level 3: The level 3 merchants have annual aggregate transactions between 20,000 and one million therefore, they should PCI