The PCI Security Standards Council has released security guidelines for data security in e-commerce instances.
The guide is a product of the e-commerce Security Special Interest Group (SIG) and will offer advice to businesses selling goods and services over the internet to help them secure customer payment data and support PCI DSS compliance efforts.
Collaborated on by more than 60 global organisations representing banks, merchants, security assessors and technology vendors, the information supplement can be downloaded from the documents library on the PCI SSC website.
Jeremy King, European director of the PCI Security Standards Council, said: “E-commerce continues to be a target for attacks on card data, especially with EMV technology helping drive so much of the face-to-face fraud down in Europe and other parts of the world. We are pleased with this guidance that will help merchants and others better understand how to secure this critical environment using the PCI standards.”
As well as addressing the main e-commerce issues within the payment security space, the document includes two appendices to address specific PCI DSS requirements for e-commerce environments and for merchants and third parties scenarios.