Malware - ANSWER Criminals utilize malicious software to enter computer
systems and steal payment data.
Phishing - ANSWER An attack that sends an email or displays a Web notice that
falsely claims to be from a genuine organization in an attempt to deceive the victim
into providing confidential information.
Criminals can get access to systems that store, process, or send payment data using
inadequate remote access controls.
Weak Password - ANSWER A password that is readily cracked and undermines
security.
ANSWER: Criminals seek for obsolete software to exploit holes in unpatched
systems.
Sniffer attacks, which infect e-commerce websites with malicious code, are
extremely difficult to detect.
ANSWER: Physical skimming is the process of obtaining cardholder data by
adding small hardware devices to POS systems.
Importance of Securing Payment Account Data - ANSWER: Cardholders may be
liable for unauthorized charges.
Merchants may incur fines, legal fees, and reputational damage.
- A negative influence on consumer trust and confidence.
- Loss of revenue and market share
,How Payment Security Protects the Industry - Answer: Prevents Financial Losses
- Builds customer trust.
- Maintains reputation.
Types of Data on a Payment Card - Answer: Chip
- Card Verification Code.
- Primary Account Number (PAN).
Expiration Date
- Magnetic strip
- Signature Strip.
- Card Verification Code.
Account Data That Can Be Stored After Authorization: Primary Account Number
(PAN)
- Cardholder's Name
Expiration Date
- SERVICE CODE
Account Data That May Not Be Stored After Authorization - FULL TRACK
DATA
- Card Verification Code.
- Pin/Pin Block
,Cardholder - ANSWER Is the client purchasing from the merchant? This may be a
card-present or card-not-present transaction.
Merchant - ANSWER Is the organization that accepts payment from the cardholder
during a purchase. The merchant transmits payment transaction data to their
acquirer.
Acquirer - ANSWER sends payment transaction data over the payment network to
the issuer.
Payment Brand Network - ANSWER facilitates payment transactions between the
merchant's acquirer and issuer.
Issuer - ANSWER Provides the card to the cardholder. Every time the cardholder
makes a purchase, the issuer notifies the merchant's acquirer whether the
transaction has been authorized or denied.
Third-party service providers are companies or organizations that directly process,
store, or transmit payment account data on behalf of another entity.
Authorization Process: ANSWER 1. Cardholder
2. Merchant
3. Acquirer
4. Payment Brand Network
5. Issuer
, Clearing Process: ANSWER 1. The acquirer submits purchase information to the
Payment Brand Network.
2. Payment Brand Network transmits information to the issuer.
3. Issuer confirms, and Payment Brand Network returns completed transaction data
to the acquirer.
Settlement Process: ANSWER 1. The issuer identifies the acquirer through the
Payment Brand Network.
2. Issuer sends payment to the acquirer.
3. The Acquirer pays the merchant the money.
4. Issuer invoices the cardholder.
ANSWER: PCI Security Standards Council
ANSWER: The PCI Security Standards Council is in charge of developing and
managing the Payment Card Industry Security Standards, particularly the PCI Data
Security Standard.
ANSWER: PCI Data Security Standard
PCI Data Security Standard: ANSWER Technical and operational standards
required to secure payment account data.
- Required for every entity that stores, processes, and transmits data.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Humat. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.49. You're not tied to anything after your purchase.