The Payment Card Industry (PCI) Security Standards Council has defined twelve high-level data security requirements, each of which includes multiple lower level requirements. The PCI Data Security Standard (PCI DSS) requirements apply to all entities involved in payment card processing as well as all other entities that store, process, or transmit cardholder data or sensitive authentication data. Its requirements, based on industry best practices, are valuable considerations for any business seeking technical and operational advice for protecting data, whether or not they process payment cards.
Many of the requirements put the responsibility on the payment card processing organization to use the server at the center of the cardholder data environment in a secure way. ClearPath® OS 2200 servers provide the necessary security features and flexibility for you to meet and exceed these requirements.
This paper addresses PCI DSS Version 3.2, which has been required for PCI DSS validations since October 31, 2016.