1. How is skimming used to target PCI data?: answer- Copying payment card numbers by tampering with POS devices, ATMs, Kiosks or copying the magnetic
... [Show More] stripe using handheld skimmers.
2. How is phishing used to target PCI data?: answer- By doing reconnaissance work through social engineering and or breaking in using software vulnerabilities or e-mails.
3. How can Payment Data be Monetized?: answer- By skimming the card to get the full track of data, and then making another like card. Using the card information in a "Card-not-present transactions such as e-commerce or mail order, Telephone order. Card data is also sold in bulk to other criminals who perform their own fraud using the stolen data.
4. Who all are targeted ?: answer- Retail, Food and Beaverage, Hospitality, Financial Ser- vices, non-profit. EVERYONE!
5. What is the PCI SSC ?: answer- Payment Card Industry Security Service Counsel is an independent industry standards body providing oversight of the development and management of Payment Card Industry Data Security Standards on a global basis.
6. What are some of the PCI SSC founding payment brands.: answer- American Express, Discover Financial, JCB International, Master Card, Visa inc.
7. What are the Resources provided by the PCI SSC?: answer- PCI DSS, PA-DSS, P2PE, PTS (POI, HSM and PIN) Card Production, and supporting documents.
Roster of QSAs, PA-QSAs, PCIPs, ASVs, validated payment applications, PTS Devices, and P2PE solutions
PCI Security Standards Counsil FAQs Education and Outreach programs
Participating Organization Membership, Community Meetings, feedback.
8. What is the overview of PCI DSS?: Covers security of the environments that store, process or transmit account data.
Environments receive account data from payment applications and other sources (e.g.., acquirers).
9. what is the overview of PCI PA-DSS: Covers secure payment applications to support PCI DSS compliance [Show Less]