PCI DSS

PCI DSS

Directive to bolster the security of credit and debit card use

Since the advent of e-commerce and digital transactions in society, card details have been a highly sought-after by cyber criminals, and so-called CNP (card not present) fraud is now the type of fraud that is increasing most in this country. To curb the growth of card fraud around the world, the PCI DSS framework was established to strengthen the security of credit and debit card use. The standard is backed by the five major credit card companies, Mastercard, Visa, JCB, Discover and American Express.

5,3 %
of Sweden’s population were victims of card fraud in 2019
3,5 %
The CNP frauds in Sweden increased in 2019
411
million was lost in card fraud in the EU in 2019

consequences

What are the consequences of non-compliance?

Warning or fine of varying degrees

Withdrawn permission to receive card payments

Obligation to repay affected customers

security requirements

What security requirements are imposed by PCI DSS?

Secure networks and systems

A secure network must be maintained, where transactions can be carried out without causing unnecessary inconvenience to cardholders and suppliers.

Protected card information

Data such as the card number, card verification code and PIN must always be stored securely, in non-readable form.

Protection against vulnerabilities

Anti-virus, anti-spyware and anti-malware solutions shall be up to date, and new systems and applications shall be developed and maintained with security in mind.

Access control

Access to system information and operations shall be limited and controlled to business "need to know".

Monitoring and testing

Networks and systems must be monitored and tested regularly to ensure that all security measures and processes are in place, are working properly and are kept up to date.

Security policy and other security requirements

A formal information security policy must be established, maintained and adhered to by all parties.

A few words from one of our customers

“When we met Sentor, we quickly established a good relationship – personal chemistry is extremely important to us. Something else that stood out from other suppliers was their ability to start by determining and communicating the activities that had the greatest effect on our work and that we should therefore prioritise. It became very hands on when we could see an immediate business benefit.”

Anders GröndahlCEO of Team Engine

Contact us

We offer several contact routes and provide feedback as soon as possible. If you have sensitive information, we ask you to use the encrypted method.

Take control of your security

Book a free consultation

In the consultation, we talk about your organisation’s security challenges and discuss how we at Sentor can help you achieve your goals. If you would like to be contacted, provide your details on the contact form.