Home / Compliance & Regulations / Industry Regulations

Industry Regulations

PCI Compliance

The ASU Information Security Office requires that all departments with a business requirement to process credit cards are in compliance with the PCI DSS Data Security Standards

Best practices - ASU follows the Financial Services best practices for payment card processing.

Workstation/device hardening standards - ASU has adopted the Center for Internet Security (CIS) standards for hardening servers, workstations and mobile devices.

PCI 3.0 will be in effect January 1, 2015.  The following PCI 3.0 Clarification Document offers additional information on interpreting the new standard.

Please see the ASU PCI compliance merchant services site for more information: https://students.asu.edu/pci-merchant-services

MasterCard & VISA Industry Group

In the wake of numerous high-profile data breaches and growing concerns about identity theft, credit card competitors Visa and MasterCard are teaming up to launch a cross-industry effort aimed at improving payment security for consumers.

MasterCard announced the creation of a new industry group that included banks, credit unions, acquirers, retailers, point-of-sale device manufactures, and trade industry groups. The group will be dedicated to addressing current security issues the industry is facing.

The group will first focus on the adoption of EMV (short for “Europay, MasterCard and Visa”) integrated chip technology. Under the EMV system consumers will use a smartcard embedded with a microchip and provide their PIN to complete a transaction. The chips make reproducing a card difficult for criminals. Even if the credit card information is gathered, without the chip the card is useless. The two credit card giants plan to end the current swipe-and-sign method by 2015.

Some critics have pointed out that new credit will not prevent credit card thieves from using stolen card information to make online purchases. Both MasterCard and VISA will be looking to address security issues including securing online purchases with tokenization and point-to-point encryption.

Read the full article here: http://consumerist.com/2014/03/07/mastercard-visa-form-industry-group-to-address-payment-security-issues/