
Running head: ANNOTATED BIBLIOGRAPHY: PAYMENT CARD INDUSTRY DATA SECURITY STANDARD REGULATIONS

Annotated Bibliography:  Payment Card Industry Data Security Standard Regulations

Students Name

Institutional Affiliation

Kemp, K., & Buckley, R. (2017). Protecting Financial Consumer Data in Developing Countries: An Alternative to the Flawed Consent Model. Georgetown Journal of International Affairs, 18(3), 35-46.

According to the article, the invention of internet services has given people, and both offline and online companies, numerous easy ways of making payments. However, as payment has shifted to credit cards and debit cards and people rarely use cash, new security threats have emerged (Kemp & Buckley, 2017). Hackers and other malicious people have developed new ways of beating the system. As a result of these security threats, companies using this form of payment are being forced to come up with new and secure ways of mitigating them. Some of the companies, such as American Express, Master Card, JCB and Visa, have come together to build and secure this form of payment.

Enigbokan, O., & Ajayi, N. (2017). Managing Cybercrimes Through the Implementation of Security Measures. Journal of Information Warfare, 16(1), 112-129.

According to PCI DSS, the council sets numerous control obligations and requirements. Despite their differences, the requirements are geared towards a common goal: ensuring that financial data in card payments is stored and transmitted in a secure manner and by qualified personnel. The article focuses on the regulation objective of shielding cardholder data. This objective has two stipulations: safeguard saved cardholder data, and secure the conveyance of cardholder details across open networks usable by the public.

Before owning a payment card, for instance American Express, applicants are required to submit personal particulars such as mobile number, name, next of kin, physical address, and email address. Placing a person's confidential information on a network poses a huge risk to the company handling the data (Enigbokan & Ajayi, 2017). However, the largest risk is borne by the cardholder, since their money is held on the card and the card also carries essential personal data that can be used to set attacks in motion against them. Hence, PCI DSS takes this risk into consideration, and that pushes companies to secure the details of a cardholder.

Garrie, D., & Byhovsky, I. (2017). Privacy and Data Protection in Russia. Journal of Law & Cyber Warfare, 5(2), 235-253.

Merchants should ensure that everyone they transact with fully abides by the Payment Card Industry Data Security Standard (PCI DSS) (Garrie & Byhovsky, 2017). The core idea behind compliance is to ensure that the affairs a business person conducts do not facilitate terrorism, cybercrime, or money laundering. If the compliance authorities find that a business person does not follow the set laws, that person may be subject to a lawsuit, payment of damages for breach of privacy, and delicensing. Besides that, where a merchant uses cryptography, they should ensure that the information is unreadable, to prevent criminals from accessing it.

Gupta, M., Sharman, R., & Walp, J. (2018). Information technology risk management and compliance in modern organizations. Hershey, PA: Business Science Reference.

The article states that a person shares responsibility for safeguarding their own cardholder details. One way of enhancing safety is to request all transactions and to ascertain the use of any additional information before giving it out to business people and payment industries (Gupta, Sharman & Walp, 2018). Verifying the type of information that a client gives out reduces the chances of disclosing sensitive details such as a personal identification number. Also, account holders should use devices that allow encryption and decryption of information. Besides, devices with a security system that keeps dubious websites and users away from laptops reduce the chances of leaking crucial data.

Fritsch, L., & Fischer-Hübner, S. (2018). Implications of Privacy & Security Research for the Upcoming Battlefield of Things. Journal of Information Warfare, 17(4), 72-87.

Encrypting cardholder data entails transforming information into a form that only specific keys can decrypt. The information is safeguarded in a form that no person or organization can understand unless given the key for decrypting the data (Fritsch & Fischer-Hübner, 2018). Encryption is an essential part of safeguarding the cardholder, averting cases where criminals obtain data they are not meant to have, which may compromise the system or affect the amount of money held on a card. Under PCI DSS, encrypted details are commonly known as ciphertext, while data that is not safeguarded through encryption is regarded as plaintext.

Gomzin, S. (2014). Hacking point of sale: Payment application secrets, threats, and solutions. Indianapolis: Wiley.

One of the advantages of safeguarding cardholder information is that it builds the trust of customers. If a company is able to handle huge sums of money and crypto without disclosing critical information, it encourages client confidence in its systems, staff and devices (Gomzin, 2014). Furthermore, financial organizations are driven by trust and reliance. Any doubt about a payment creates suspicion on the part of a customer and the business partner. As a result of this encouraged trust, a customer is able to make huge transactions and also bring friends and family on board to use cards for payment.

Seaman, J. (2020). PCI DSS: An integrated data security standard guide. New York: Apress.

The advantage of protecting cardholder details is that it ensures a corporation complies with regulations and legislation such as the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX), which protect consumers from errors or any fraudulent transactions made by an organization (Seaman, 2020). By virtue of holding consumers' cash, the card organization is liable for safeguarding the transactions of an organization. Broadly, abiding by the rules enhances the general information technology infrastructure and also acts as the best starting point for putting corporate security strategies in place.

In conclusion, credit card payment has been a force for change in the financial sector. However, there has been an increase in dubious activities that have cost credit card organizations and users. Due to the increase in dubious cases, the PCI Standards Security Council developed a number of strategies geared towards streamlining credit card management techniques. The council comprises the leading card payment organizations such as Visa, JCB and American