Casino Articles

PCI Security Standards Council

By: Joan Peppin, Friday April 2nd 2010
2 Comments   Email   Print

Payment by cards is still the preferred option at online casinos. The cards include credit cards, debit cards and prepaid cards. Most online casino players take for granted the security offered by the cards industry without ever becoming aware of the tremendous effort being made on a continuous basis in this regard by the industry. This article highlights some of the steps being taken so that players who use cards to deposit funds are more comfortable doing so.

The combined cards industry is referred to as the Payment Card Industry or PCI. The PCI has instituted a Security Standards Council. This was done by leaders in the industry like American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. The mission of the Security Standards Council is the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.

The Security Standards Council has formulated a comprehensive set of requirements that all cards providers are expected to incorporate in their systems. These requirements are known as PCI Data Security Standard or PCI DSS for short. The PCI DSS is not a static document. New payment security risks keep emerging as those involved in hacking through the security network overcome existing barriers. Therefore in order to mitigate these risks and even preempt actions by the hackers, the Security Standards Council enhances the requirements contained in the PCI DSS. The Advisory Board of the Security Standards Council and other key stakeholders are consulted and provide inputs during the review and up gradation of the PCI DSS. The PCI DSS is broken up into six sections each revolving around a specific principle. Requirements have been formulated as to how these principles are to be enforced.

The first principle involves building and maintaining a secure network. The providers of the cards services are required to install and maintain a firewall configuration to protect cardholder data. Some components of the system may be outsourced from vendors. It is essential that the vendor-supplied defaults for system passwords and other security parameters are not continued but are changed immediately. This is to prevent anyone from the vendor organization accessing the system. The next principle is to protect cardholder data. The protection is required in two instances. The data has to be protected while it is stored on the servers. It also has to be protected while transmission across open, public networks. Encryption protocols are used to protect the data during transmission.

As mentioned earlier, the system is likely to come under threat from hackers. Therefore it is essential to maintain a vulnerability management program. One of the key requirements of such a program is the use of anti-virus software, which is regularly updated. There is a need to implement a strong access control system. For this the physical access and the electronic access to the cardholder data must be restricted. Personnel who are allowed access must be assigned a unique ID so that their transactions can be traced back. In fact there must be a system in place that tracks and monitors all access to cardholder data. Finally there needs to be an information security policy.

There is a system for testing the compliance of the different cards offered in the industry against the above principles and requirements. Based on the fulfillment of the requirements the level of compliance is certified by the Security Standards Council. Therefore those players who still fear using credit, debit or prepaid cards at online casinos should rest assured that the industry is seized of the issue and is taking all possible steps to prevent misuse.

Article Tools

 Email     Print     Digg    StumbleUpon


 Add Comment
Comment by: jerrybrown On: April 13, 2010
Knowing that you're playing at casinos that are secure is key IMHO in ensuring that the whole idea of security as related to gambling and the internet is kept in tact.
Comment by: Alison Pravda On: April 05, 2010
It's key for networks to be PCI certified I beleive. From my expereince it's shown to be key in ensuring that no data pertaining to credit cards or other personal information is ever stolen by hackers. Or at least is a great preventative measure as they have all the right security protocols in place.

Add Comment

You must be signed-in to add a comment: - Sign-in - Register

More Articles

Chinese New Year Online Slot
The Fantastic Sinbad Slot Game
Romeo And Juliet In Online Slots
Usher The New Year With Fluo Party
Valkyrie Online Slot From Elk

Article Categories
Gambling Law (13)

Beginners Guide (381)
Casino Bonus (41)
Casino Banking (39)
Getting Started (73)
Casino Software (149)

Casino Games (643)
Slots (331)
Blackjack (94)
Video Poker (55)
Roulette (36)
Craps (19)
Baccarat (19)
Caribbean Stud (12)
Pai Gow Poker (8)
Sic Bo (7)
Keno (12)
RSS & XML Feeds
Subscribe to our Articles Feed Below:
Top 10 Ranked Online Casinos
Casino Name    
Jackpot City
 Read Jackpot City Casino Review
 Read EuroPalace Casino Review
Roxy Palace
 Read Roxy Palace Casino Review
All Slots
 Read All Slots Casino Review
Platinum Play
 Read Platinum Play Casino Review
Royal Vegas
 Read Royal Vegas Casino Review
Gaming Club
 Read Gaming Club Casino Review
Ruby Fortune
 Read Ruby Fortune Casino Review
Spin Casino
 Read Spin Casino Review
Casino Splendido
 Read Casino Splendido Review

More Top Rated Online Casinos

Search our site

Casino Bonuses

Game Information

General Information