PCI DSS is a security standard that is used worldwide to protect cardholders’ personal information.

This standard is applicable to QuidLink Social Payment System since it stores and processes the cardholder information. This standard includes requirements for security management, network architecture, software design, security policies and procedures, and other protection of customer account data. QuidLink will be use this standard to reduce the risk of data breach.

PCI DSS six principles:

• Build and maintain a secure network
  • QuidLink firewall configuration will be set to protect cardholders’ data
• Protect your cardholder data
  • QuidLink will protect stored cardholder data in in its secured webserver.
  • QuidLink will encrypt transmission of cardholders’ data across open, public networks using SSL
• Keep a vulnerability management plan
  • QuidLink will always use and regularly update anti-virus software
  • QuidLink will be developed to as a high profile secured system using bank security standards
• Implement strong access control practices
  • QuidLink will limit access to cardholder data to only those who need to know
• Monitor and test your networks on a regular basis
  • QuidLink will track and monitor all access to network resources and cardholder data
  • QuidLink will regularly test security systems and procedures and perform regular penetration tests.
• Keep an information security policy
  • QuidLink has a policy that addresses information security

Resource:

Payment Security