PCI DSS: The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS applies to all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD).
Expleo Solutions Limited adopted PCI DSS to meet the customer requirement specific to Cards & Payments domain. Expleo Solutions Limited has designed and implemented technical and operational controls to protect cardholder data.
Expleo Solutions Limited not only implemented a minimum set of requirements for protecting cardholder data, but also deployed additional controls and practices to further mitigate risks to address local, regional and sector laws and regulations. These controls also address the legislation or regulatory requirements on protection of personally identifiable information or other data elements.
The PCI DSS security requirements apply to all system components included in or connected to the Cardholder Data Environment. The Cardholder Data Environment (CDE) comprises of people, processes and technologies that store, process or transmit cardholder data or sensitive authentication data. “System components” include network devices, servers, computing devices and applications.