PCI DSS

Payment Card Industry Data Security Standard (PCI DSS) compliance

Data security in payment transactions

Cybersecurity solutions for your PCI DSS compliance

The credit card industry has a special interest in ensuring data security for its customers and therefore meet PCI DSS compliance. After all, if cybercriminals for example compromise cardholder data and misuse credit card data, the damage is not only monetary; insecure payment transactions lead to irreparable damage to the company's reputation.

Credit card organizations such as American Express, Discover, JCB, MasterCard and Visa have developed a security standard for card and transaction data to ensure that cardholder data is not compromised. All parties involved are protected to the best of their ability against data misuse. The Payment Card Industry Data Security Standard (PCI DSS) applies to banks (issuers and acquirers), payment service providers, hosting providers, merchants and payment application providers.

"The number of attacks on web applications whose components have not been updated or are incorrectly configured is increasing. Applications are becoming more interactive, allowing attackers to inject specific malicious code in multiple locations to access confidential information."

Benefits of our solutions to become PCI DSS compliant

Payment card data is very sensitive. Organizations must avoid data theft as they not only lead to enormous losses, but can also damage the company's image in the long term. Data security here means information security and is essential for payment card processors.

Web application firewalls provide comprehensive protection for those organizations seeking to meet the requirements of PCI DSS.

Payment security with PCI DSS compliance

The PCI DSS standard involves twelve requirements and applies to all organizations that process data from cards with payment functions. Failure to comply with PCI DSS can be sanctioned by withdrawal of authorization to process credit card data and fines.

"R&S®Web Application Firewall was developed to meet the strict security requirements in the banking sector and functions as a highly secure and powerful frontend for critical online banking applications."
  • R&S®Web Application Firewall filters and accelerates web transactions at application level, whether on the internet, extranet or intranet, including data flow within SSL, and uses essential protective mechanisms to safeguard applications and data to meet PCI DSS compliance.
  • By meeting eleven of twelve high-level PCI requirements, R&S®Web Application Firewall optimally covers the required security regulations.
  • R&S®Web Application Firewall offers a simple, fast and cost-effective way to obtain certification – compared to planning dedicated and permanent security checks, which is rather uneconomical.
  • Organizations' cyber defense mechanisms consist not only of achieving PCI DSS compliance, but also of maintaining it. They can prevent attacks that aim to steal cardholder data.

The PCI DSS compliance consists of these twelve requirements

  • Installation and maintenance of a firewall configuration to protect the data of credit card holders
  • Exclusion of predefined standard passwords and other security relevant parameters
  • Protection of the stored data of credit card holders
  • Usage of encryption solutions when transmitting credit card data over open or public networks
  • Usage and updates of antivirus software
  • Development and maintenance of safety systems and applications
  • Restricted access to credit card holder data to persons who are absolutely necessary
  • Assigning a unique ID to each person with computer access
  • Physical access restriction to credit card holder data
  • Recording and monitoring all access to network resources and credit card holder data
  • Regular testing of security systems and processes
  • Creation and maintenance of an information security policy

If you have further questions please contact us.

Featured PCI DSS content

White paper: How to achieve PCI DSS compliance

This white paper illustrates how companies and organizations achieve PCI certification.

Register now

Webinar: Protecting against the Top 10 most critical API security risks

In this webinar you will learn about the Top 10 most critical API security risks and how to achieve an overall robust protection of APIs.

Register now

Case study: High-performance VPN provides global security

Learn how R&S®Trusted VPN is applied for secure voice and data communications at 78 locations in 40 countries.

More information

Webinar: Secure remote workstation with R&S®Trusted VPN Client

Learn in this webinar how to protect sensitive data communications from untrusted networks to corporate networks.

Register now

Case study: Secure connection to the data center

The association of the substitute funds focuses on encryption with R&S®SITLine ETH. Find out what the challenges were and how they are solved with us.

More information

Your monthly cybersecurity update

Your monthly cybersecurity update

Contact Us

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Marketing permission

I want to receive information from Rohde & Schwarz via

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to news@rohde-schwarz.com. Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error has occurred, please try again later.