1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IDG Contributor Network: How to ensure PCI DSS compliance when dealing with message queues

Discussion in 'CSO' started by RSS, Feb 11, 2016.

  1. RSS

    RSS New Member Member

    In part 1 of this series, David Mundhenk and I detailed issues around PCI and message queuing. Here in part 2, we will get more into the nitty-gritty of how to ensure PCI DSS compliance when dealing with message queues.

    First off, how do you know if the message is in scope for PCI? It’s in scope if it stores, processes or transmits PCI data. The nature of queuing means that it’s certainly transmitting data.

    If that transmission includes any of the following data types: card Primary Account Number (PAN), cardholder name, service code, expiration date, full track data, CVV codes or PIN blocks; then it’s in-scope for PCI.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page