• Home

  • Documents

  • VULNERABLE DATA - PCI Security Standards · PDF fileFight Cybercrime by Making Stolen Data...
1
42.8 million cyberattacks are expected this year alone. How can businesses eliminate their data as a target for hackers? Three technologies - EMV chip, tokenisation and point-to-point encryption can help organizations make their customer data less valuable to criminals. Here’s how it works: Fight Cybercrime by Making Stolen Data Worthless to Thieves There are many places card data travels throughout the transaction process. Each player that comes in contact with card data plays a vital role in keeping data safe. ? #!$% ? :( :( STOLEN DATA Data is Devalued. It cannot be read and used fraudulently by criminals. For more information visit: www.pcisecuritystandards.org | @PCISSC Customer uses card at store or online Click to complete your purchase Store owner’s bank + What: Removes the need for card data to be stored by merchants or on consumers’ devices How: The original card value cannot be determined by the receiver Best for: Protecting stored data used for customer service, loyalty programs and mobile payments $$$ Card in hand is real! Card data is unreadable! 9 9 9 3 4 5 6 7 6 3 2 1 0 0 0 0 1 9 * # $ / # # @ & % > / # V O ? / # # @ X POINT-TO-POINT ENCRYPTION Card data is removed! EMV CHIP CreditCard Bank Name 999 34567 6321 00001 VISHNIT PARIK Store owner point-of-sale (POS) computer system 0000 000 J.Citizen Card networks A M E R I C A N E X P R E S S - D I S C O V E R - J C B - M A S T E R C A R D - V I S A Customer’s bank Technologies that protect data in the transaction process: TOKENISATION CreditCard Bank Name 0000 0000 0000 0000 JOHN CITIZEN EXP 00/00 Customer Identification Number (American Express) Primary Account Number Chip CreditCard Bank Name 0000 0000 0000 0000 JOHN CITIZEN EXP 00/00 Expiration Date 1234 Magnetic Stripe (data on tracks 1 & 2) Customer Identification Number (Discover, JCB, MasterCard, VISA) Bank Name Call 000.000.0000 for info 0000 000 J.Citizen Data needs to be protected both in transit and at rest What: Prevents cards from being cloned How: The chip creates unique transaction code with every purchase that can’t be replicated by counterfeit cards Best for: Protecting in-store purchases, not online transactions What: Masks card data as it travels through the transaction cycle How: Math formula replaces original data with new values which are decrypted by the receiver Best for: Data in transit + = VULNERABLE DATA

VULNERABLE DATA - PCI Security Standards · PDF fileFight Cybercrime by Making Stolen Data Worthless to Thieves There are many places card data travels throughout the transaction process

Embed Size (px)

Citation preview

Page 1: VULNERABLE DATA - PCI Security Standards · PDF fileFight Cybercrime by Making Stolen Data Worthless to Thieves There are many places card data travels throughout the transaction process

42.8 million cyberattacks are expected this year alone. How can businesses eliminate their

data as a target for hackers? Three technologies - EMV chip, tokenisation and point-to-point

encryption can help organizations make their customer data less valuable to criminals.

Here’s how it works:

Fight Cybercrime by Making Stolen Data Worthless to Thieves

There are many places card data travels throughout the transaction process.

Each player that comes in contact with card data plays a vital role in keeping data safe.

?

#!$%

?

:( :(

STOLENDATA

Data is Devalued.

It cannot be read and used fraudulently by criminals.

For more information visit:

www.pcisecuritystandards.org | @PCISSC

Customer uses card at store or online

Click to complete your

purchase

Store owner’s bank

+

What: Removes the need for card data to be stored by merchants or on consumers’ devices

How: The original card value cannot be determined by the receiver

Best for: Protecting stored data used for customer service, loyalty programs and mobile payments

$$$

Card in hand is real!

Card data is unreadable!

9 9

9

3 4 5 6 7 63

2

1 0

0 0 01 9

* # $ / #

# @

& ^% >/ #

V O ?/ # # @

X ✓

POINT-TO-POINT ENCRYPTION

Card data is removed!

EMV CHIP

CreditCard

Bank Name Call 000.0000.0000Bank Name Call 000.000.0000 for info

0000 000J.Citizen

CreditCardBank Name

999 34567 6321 00001

VISHNIT PARIKEXP 01/19

CreditCard

Bank Name Call 000.0000.0000Bank Name Call 000.000.0000 for info

0000 000J.Citizen

Store owner point-of-sale (POS) computer system

CreditCard

Bank Name Call 000.0000.0000

Bank Name Call 000.000.0000 for info

0000 000J.Citizen

Card networks

AMERIC

AN

EX

PRES

S -

DISCOVER - JCB - MASTERC

ARD

- VISA

Customer’s bank

Technologies that protect data in the transaction process:

TOKENISATION

CreditCard Bank Name

0000 0000 0000 0000

JOHN CITIZEN

EXP 00/00

Customer Identification Number

(American Express)

Primary Account Number

Chip

CreditCard Bank Name

0000 0000 0000 0000

JOHN CITIZENEXP 00/00

Expiration Date

1234

Magnetic Stripe(data on tracks 1 & 2)

Customer Identification Number (Discover, JCB, MasterCard, VISA)

Bank Name Call 000.000.0000 for info

0000 000J.Citizen

Data needs to be protected both in transit and at rest

What: Prevents cards from being cloned

How: The chip creates unique transaction code with every purchase that can’t be replicated by counterfeit cards

Best for: Protecting in-store purchases, not online transactions

What: Masks card data as it travels through the transaction cycle

How: Math formula replaces original data with new values which are decrypted by the receiver

Best for: Data in transit

+

=

VULNERABLE DATA

THE NATIONAL PARKS: A Forum on the Worthless Lands Thesis

THE NATIONAL PARKS: A Forum on the Worthless Lands Thesis

Documents
Voltage SecureData - microfocus.com · Data Sheet Voltage SecureData 2 by making your protected data absolutely worthless to an attacker, whether it is in pro-duction, analytic systems,

Voltage SecureData - microfocus.com · Data Sheet Voltage SecureData 2 by making your protected data absolutely worthless to an attacker, whether it is in pro-duction, analytic systems,

Documents
Precious Alchemy or Worthless Chemistry - Value of Transmedia & Multi Platform

Precious Alchemy or Worthless Chemistry - Value of Transmedia & Multi Platform

Technology
"Plans are worthless, but planning is essential"

"Plans are worthless, but planning is essential"

Data & Analytics
Worthless 99999

Worthless 99999

Documents
you are WORTHLESS

you are WORTHLESS

Documents
Agriculture pres. - HSIF Nov 2017 · data is worthless without the insight and skill that interprets it. So what are waiting for? Show me the $$... •Multiple rotations –4,6,8,10

Agriculture pres. - HSIF Nov 2017 · data is worthless without the insight and skill that interprets it. So what are waiting for? Show me the $$... •Multiple rotations –4,6,8,10

Documents
Worthless Link Building SEO Tactics To Avoid and Ways to Dominate the SERPs

Worthless Link Building SEO Tactics To Avoid and Ways to Dominate the SERPs

Internet
17b - Rewards_ Worthy or Worthless

17b - Rewards_ Worthy or Worthless

Documents
Worthless worship 06172013

Worthless worship 06172013

Spiritual
SkillSurvey Rant: Job References from Worthless to Priceless

SkillSurvey Rant: Job References from Worthless to Priceless

Business
IPR - Knowledge is a worthless asset without it. True or false?

IPR - Knowledge is a worthless asset without it. True or false?

Economy & Finance
The Immune System Chapter 24 - Davis School · PDF filefight infections Copyright © 2005 Pearson Education, Inc. Publishing as Benjamin Cummings ... 24.16 Malfunction or failure of

The Immune System Chapter 24 - Davis School · PDF filefight infections Copyright © 2005 Pearson Education, Inc. Publishing as Benjamin Cummings ... 24.16 Malfunction or failure of

Documents
Worthless 99

Worthless 99

Documents
Priceless or-worthless-final-wq-2040

Priceless or-worthless-final-wq-2040

Education
IGCSE Cambridge: Depth Study Germany 1918-45 · Old people - pensions & saving worthless. Workers paid monthly - pay worthless at the end of the month. Savers - any cash savings quickly

IGCSE Cambridge: Depth Study Germany 1918-45 · Old people - pensions & saving worthless. Workers paid monthly - pay worthless at the end of the month. Savers - any cash savings quickly

Documents
Marketing plans are worthless but strategy is everything

Marketing plans are worthless but strategy is everything

Business
Original Article Do Face Masks become Worthless after Only

Original Article Do Face Masks become Worthless after Only

Documents
VIMC Investors Hold a Worthless Bag

VIMC Investors Hold a Worthless Bag

Documents
Worthless Check Booklet

Worthless Check Booklet

Documents
Your Ping-Pong Table Is Worthless: Attracting Millennials

Your Ping-Pong Table Is Worthless: Attracting Millennials

Recruiting & HR
Model Mentor Monitor HOPEless WORTHless HOSTILITY

Model Mentor Monitor HOPEless WORTHless HOSTILITY

Documents
Worthless Check Affidavit - Seminole County Sheriff's Office3. Mail Worthless Check Affidavit and all other correspondence to the address listed on the front of this Affidavit. 4

Worthless Check Affidavit - Seminole County Sheriff's Office3. Mail Worthless Check Affidavit and all other correspondence to the address listed on the front of this Affidavit. 4

Documents
Worthless Story Card Estimates - Agile and Beyond 5-6-2016

Worthless Story Card Estimates - Agile and Beyond 5-6-2016

Software
The World Most Worthless Currencies

The World Most Worthless Currencies

Economy & Finance
Lots and lots of worthless data

Lots and lots of worthless data

Business
Fight Books in Comparative Perspective 1. International St ... · PDF fileFight Books in Comparative Perspective 1. International St ... The depiction and description of body techniques

Fight Books in Comparative Perspective 1. International St ... · PDF fileFight Books in Comparative Perspective 1. International St ... The depiction and description of body techniques

Documents
DSA Support of Vemma YPR is Worthless - Truth in … · DSA Support of Vemma YPR is Worthless ... MLM, Multi-level marketing, Network marketing, ponzi scheme, Pyramid scheme ... twitter

DSA Support of Vemma YPR is Worthless - Truth in … · DSA Support of Vemma YPR is Worthless ... MLM, Multi-level marketing, Network marketing, ponzi scheme, Pyramid scheme ... twitter

Documents
First Pages of The Beautifully Worthless

First Pages of The Beautifully Worthless

Documents
The act of judging something to be worthless FLOCCINAUCINIHILIPILIFICATION:

The act of judging something to be worthless FLOCCINAUCINIHILIPILIFICATION:

Documents