TY - GEN
T1 - Moving towards PCI DSS 3.0 compliance
T2 - 2014 International Conference on Advanced Computer Science and Information Systems, ICACSIS 2014
AU - Shihab, Muhammad Rifki
AU - Misdianti, Febriana
N1 - Publisher Copyright: © 2014 IEEE.
PY - 2014/3/23
Y1 - 2014/3/23
AB - The e-commerce industry in Indonesia has grown rapidly since 2012. This development is also in line with the number of transactions that use credit cards. Unfortunately, this phenomenon has been followed by credit card fraud as well. Therefore, there is an urgent need for a standard to be used as a main reference in protecting the security of information. Visa and MasterCard have issued an international standard to ensure the security of credit card data, namely PCI DSS. It emphasizes the importance of protecting cardholder information in one's daily business processes. In December 2013, the latest version of this standard was released, and it brought about difficulties, even for organizations that were already compliant with previous versions of the same standard. The aim of this research is to identify the changes brought about by the latest PCI DSS, namely version 3.0. Furthermore, this research is intended to implement that standard to measure an organization's compliance level. This research uses a case study approach at Indonesia's largest company in online payment services. The results of this research are a summation of 182 new controls that are simplified for use by organizations that have complied with PCI DSS 2.0 and are preparing for PCI DSS 3.0. Additionally, we found that Company X, the object of our case study, is compliant with 77.43% of PCI DSS 3.0 requirements. The Payment Card Industry Data Security Standard is considered to be at its earlier stages. We believe that this research is one of the first to observe the changes brought about by PCI DSS 3.0 as well as to implement it to measure an organization's compliance level.
UR - http://www.scopus.com/inward/record.url?scp=84927739516&partnerID=8YFLogxK
U2 - 10.1109/ICACSIS.2014.7065872
DO - 10.1109/ICACSIS.2014.7065872
M3 - Conference contribution
AN - SCOPUS:84927739516
T3 - Proceedings - ICACSIS 2014: 2014 International Conference on Advanced Computer Science and Information Systems
SP - 151
EP - 156
BT - Proceedings - ICACSIS 2014
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 18 October 2014 through 19 October 2014
ER -