Pci emv

Solo disponible en BuenasTareas
  • Páginas : 15 (3704 palabras )
  • Descarga(s) : 0
  • Publicado : 14 de diciembre de 2010
Leer documento completo
Vista previa del texto
Payment Card Industry (PCI)

Data Security Standard

PCI DSS Applicability in an EMV Environment
A Guidance Document
Version 1
Release date: 5 October 2010

Table of Contents
1 Executive Summary................................................................................................. 3
1.1 1.2 1.3 The Role of EMV....................................................................................................................... 3 The Role of the PCI DSS........................................................................................................... 4 Conclusions ............................................................................................................................... 4

2 Scope........................................................................................................................ 5 3 EMV Security and PCI DSS ..................................................................................... 6
3.1 The Payment Card Environment ............................................................................................... 7 3.1.1 Magnetic-Stripe Transactions.......................................................................................... 7 3.1.2 Technical Fallback ........................................................................................................... 7 3.1.3 PAN Key Entry ................................................................................................................. 8 3.1.4 Mail Order/Telephone Order-based Transactions........................................................... 8 3.1.5 EMV Transactions ........................................................................................................... 8 3.2 PCI DSS and the Current EMV Environment ............................................................................ 8 3.3 Future Developments in Transaction Security.......................................................................... 9 3.4 Summary ................................................................................................................................... 9

4 Reference & Glossary ........................................................................................... 11
4.1 4.2 4.3 References.............................................................................................................................. 11 Abbreviations & Glossary ........................................................................................................ 12 Acknowledgements ................................................................................................................. 12

PCI DSS Applicability in an EMV Environment – A Guidance Document © 2010 PCI Security StandardsCouncil, LLC

October 2010 Page 2

1

Executive Summary
This document compares and contrasts the current fraud-reduction capabilities of EMV within the security framework of the Payment Card Industry Data Security Standard (PCI DSS) and examines the rationale for why it remains necessary to implement PCI DSS in the EMV environments that exist today.

1.1

The Role of EMV

EMV smartcardswere designed and introduced to reduce fraud occurring in magnetic-stripe faceto-face environments, by using integrated-circuit (IC) based cards that use secret cryptographic keys to generate authentication and authorization data. As such, robust implementations of the EMV specifications can mitigate the risk of compromised card data being used to commit face-toface fraud. EMV implementations thatutilize different card verification values maintained on the chip from those maintained in the magnetic-stripe image provide an effective barrier to creating counterfeit magnetic-stripe cards from compromised EMV magnetic-stripe image data. In addition, when implemented in conjunction with PIN for cardholder verification, EMV limits the impact of the lost/stolen/never-received categories of...
tracking img