ANZ POS MOVE - Securing Transaction Records

ANZ POS MOVE
61 pages
Validating PCI DSS Compliance
To validate compliance with PCI DSS, your business must complete the following
validation tasks:
1) Annual PCI DSS Assessment
The Self-Assessment Questionnaire (SAQ) is a free assessment tool used to assess
compliance with the PCI DSS standards. There are 4 different SAQs, covering a variety of
payment processing environments, available to download from the PCI SSC website at:
https://www.pcisecuritystandards.org/merchants/self_assessment_form.php
Compliance assessments may also be performed by completing an onsite audit with
an independent PCI approved Qualified Security Assessor (QSA). PCI maintains a list of
PCI approved QSAs at: https://www.pcisecuritystandards.org/approved_companies_providers/index.php
2) Quarterly Network Vulnerability Scans
If your business accepts payments via the Internet, or has any electronic storage of
Cardholder or transaction information, then Quarterly Network Vulnerability Scanning is
required to ensure compliance with PCI DSS.
An external vulnerability scan enables your business to assess your level of security from
potential external threats.
PCI-Approved scanning tools are used to generate traffic that tests your network
equipment, hosts, and applications for known vulnerabilities; the scan is intended to
identify such vulnerabilities so they can be corrected.
ANZ provides a complimentary PCI DSS Compliance Program to our merchants,
including PCI-approved Network Vulnerability Scanning – please email
pcicompliance@anz.com or contact ANZ on 1800 039 025 to request access to our PCI
DSS program.
8.2 SECURING TRANSACTION RECORDS
In general, no Cardholder data should be stored unless it is strictly for use within the
business and absolutely necessary.
However, if you have authority from ANZ to process mail order / telephone order,
eCommerce or manual payments you may be required to store cardholder data
and transaction records. Please ensure all paper and electronic records containing
cardholder data are secured (e.g. in a locked filing cabinet). These may include MOTO order
forms, merchant copies of Manual transactions, or pre-authorisation transactions.
Where storage of cardholder data is required, you must ensure both the type of
cardholder data retained and the method used to store it are compliant with PCI DSS and
ANZ requirements.
