CISP-PCI

CISP (Cardholder Information Security Program) and PCI (Payment Card Industry Data Security Standard) are specifications developed and used by credit card companies for the purpose of ensuring and enhancing the privacy and security of financial data.

CISP was authored by Visa USA and mandated in 2001. The requirements of CISP apply to all enterprises that handle Visa cardholder information and payment channels, including:

• Brick-and-mortar transactions
• Mail-order transactions
• Telephone transactions
• Online transactions

PCI, mandated under CISP in 2004 and co-developed by Visa USA and MasterCard, defines an expanded set of requirements for the protection of credit-card information, including encryption, access control, physical security and operational audits. This standard requires that public networks and Web sites be tested frequently and regularly for compliance by a certified auditor.

Read more about CISP-PCI: - Visa USA provides an overview of CISP. - A printable version of PCI can be downloaded from Visa USA.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT How to use PCI to your (budgetary) advantage Fighting the budget battle can be a challenge at financial firms, but the Payment Card Industry Data Security Standard (PCI DSS) can be the ace up... PCI automation: Discovering the benefits Complying with PCI is just the beginning – staying compliant can be a challenge, too. Spyro Malspinas suggests two automation opportunities to... PCI council to start assessor quality assurance program Staff will evaluate merchant feedback on the quality of their assessors and issue probations and revoke certification for negative comments.