Click for next page ( 28


The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement



Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.

OCR for page 27
APPENDIX B--REFERENCES AND 16. SPSP Society of Payment Security Professionals. ADDITIONAL RESOURCES CPISM. https://www.paymentsecuritypros.com/ CPISM/. Accessed April, 2010. REFERENCES 17. Magtek. Brochures--Magnetic Stripe Card Stan- 1. PCI Security Standards Council. Payment Applica- dards. http://www.magtek.com/documentation/ tion Data Security Standard (PA-DSS) V1.2. https:// public/99800004-1.03.pdf. Accessed April, 2010. www.pcisecuritystandards.org/security_standards/ pci_pa_dss.shtml. Accessed April, 2010. ADDITIONAL RESOURCES 2. Visa. How It Works. http://usa.visa.com/merchants/ new_acceptance/how_it_works.html. Accessed March, American Express (card brand) website: https://www209. 2010. americanexpress.com. 3. PCI Compliance Guide. PCI FAQS--What Is the American Express. American Express Data Security Definition of Merchant. http://www.pcicompliance Operating Policy for U.S. Merchants. https://www guide.org/pcifaqs.php#13. Accessed April, 2010. 209.americanexpress.com/merchant/singlevoice/pdfs/ 4. PCI Compliance Guide. PCI FAQS--What Consti- en_US/DSOP_Merchant_US.pdf. tutes a Service Provider. http://www.pcicompliance American Express Data Security Home. Data Security for guide.org/pcifaqs.php#13. Accessed April, 2010. Merchants. https://www209.americanexpress.com/ 5. DED Limited. Magnetic Stripe Card Standards.http:// merchant/singlevoice/dsw/FrontServlet?request_type= www.ded.co.uk / magnetic-stripe-card-standards /. dsw&pg_nm=home&ln=en&frm=US. Accessed April, 2010. ARINC. ARINC's PCI-DSS Adventure. Presented at ACI 6. PCI Security Standards Council. Navigating PCI DSS, BITCOM, Austin, Tex., Oct., 2009. http://www. Understanding the Intent of Requirements. https:// aci-na.org/static/entransit/pci_margerison.pdf. www.pcisecuritystandards.org/pdfs/navigating_pci_ Barich, Inc. The Future of Airport Information Tech- dss_v1-1.pdf. Accessed March, 2010. nology. Presented at ACI-NA Airport Board Mem- 7. PCI Security Standards Council. Glossary, Abbre- bers and Commissioners Conference, Chicago, Ill., viations and Acronyms. https://www.pcisecurity April, 2009. http://www.aci-na.org/static/entransit/ standards.org/security_standards/glossary.shtml#c. 8-TheFutureOfAirportInformationTech-FBarich.pdf. Accessed March, 2010. Coalfire Systems. PCI Compliance: "Just the Facts." Pre- 8. Visa. Merchants. http://usa.visa.com/merchants/risk_ sented at ACI-NA Conference, Seattle, Wash., April, management/cisp_merchants.html. Accessed April, 2009. www.aci-na.org/about/resolveuid/2b2f756874 2010. a8dd06be8dca0163245f9c 9. MasterCard. Merchant Levels Defined. http://www. The Compliance Authority website: http://www.thecom mastercard.com/us/sdp/merchants/merchant_levels. plianceauthority.com/pci-compliance-deadlines.php html. Accessed April, 2010. CompliancesForum website: http://www.compliances 10. NDB Advisory. Important PCI Compliance Informa- forum.com/download-pci-dss-audit-questions-and- tion for Merchants. http://www.pciassessment.org/ checklist merchants.php#bookmark-3. Accessed April, 2010. Discover (card brand) website: http://www.discover 11. Visa. Service Providers. http://usa.visa.com/ network.com/fraudsecurity/disc.html. merchants/risk_management/cisp_service_providers. Discover Information Security and Compliance. http:// html. Accessed April, 2010. www.discovernetwork.com/fraudsecurity/disc.html 12. MasterCard. Service Provider Levels Defined. http:// Element website: http://www.elementps.com/merchants/ www.mastercard.com/us/sdp/serviceproviders/service pci-dss/compliance-level/. provider_levels.html. Accessed April, 2010. GFI. PCI DSS Made Easy. http://www.gfi.com/white 13. NDB Advisory. Important PCI Compliance Informa- papers/pci-dss-made-easy.pdf. tion for Service Providers. http://www.pciassessment. GFI.com Whitepapers: http://www.gfi.com/whitepapers/ org/service-providers.php. Accessed April, 2010. pci-dss-made-easy.pdf. 14. PCI Security Standards Council. Security Audit Proce- IATA Payment Card Industry Data Security Standards. dures, Version 1.1. https://www.pcisecuritystandards. http://www.iata.org/whatwedo/finance/creditcard/pci- org/pdfs/pci_audit_procedures_v1-1.pdf. Accessed dss.htm. April, 2010. IT Compliance Institute (ITCi). IT Audit Checklist: Pay- 15. PCI Security Standards Council. Qualified Security ment Card Industry (PCI). http://download.101com. Assessors (QSAs)/Approved Scanning Vendors (ASVs). com/pub/itci/Files/ITCi_ITACL-PCI_0321-Lb.pdf. https://www.pcisecuritystandards.org/qsa_asv/index. JCB Data Security Program. http://www.jcb-global.com/ shtml. Accessed April, 2010. english/jdsp/index.html. 27