Payment Card Industry Data Security Standard (PCI DSS) Implementation
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security requirements developed by credit card companies to ensure consistent data security measures for sensitive credit cardholder data.
UCSC Merchants, units and departments that accept credit card payments must comply with PCI DSS requirements. For information and guidance, please contact UCSC's Campus Credit Card Coordinator at firstname.lastname@example.org or 459-3206.
For information about the PCI DSS itself, please visit the following PCI Security Standards Council web pages:
- About the PCI Data Security Standard (includes link to download the complete PCI DSS, v2)
- Note: See pages 7-8 of the PCI DSS, v2, for information about the applicability of the PCI DSS and definitions of "Account Data," "Cardholder Data," and "Sensitive Authentication Data." See page 10 for a definition of "System Components."
- PCI DSS Supporting Documents (including the required Self-Assessment Questionnaires)
- Questionnaires are also available directly at https://www.pcisecuritystandards.org/merchants/self_assessment_form.php.
UCSC Training Guide
- UCSC Payment Card Industry Data Security Standards (PCI DSS) Training Guide
- PCI training for UCSC ITS staff
- MasterCard's PCI Merchant Education Program
Free educational webinar series on PCI from MasterCard -- Registration required
- General UCSC computer security awareness information and training
The following information combined satisfies the general computer security awareness training requirement for individuals with access to sensitive credit cardholder data
Comments and Questions:
Please send comments and questions about PCI compliance at UCSC to the Campus Credit Card Coordinator at email@example.com or 459-3206.
Please contact firstname.lastname@example.org with comments about this web page.