Definitions of Frequently Used Terms
Main Content
- Payment Card Industry Data Security Standard (PCI DSS): PCI DSS is the result of collaboration between the four major credit card brands to develop a single approach to safeguarding sensitive data. PCI DSS defines a series of best practices for handling, transmitting, and storing sensitive data.
- Cardholder Data: Includes cardholder name, full account number, expiration date, service code, full magnetic stripe, PIN / PIN Block or Card Validation Code (e.g., three-digit or four-digit value printed on the front or back of a payment card (e.g., CVV2 and CVC2 data)).
- Sensitive Cardholder Data: Includes Card Validation Code (e.g., three-digit or four-digit value printed on the front or back of a payment card (e.g., CVV2 and CVC2 data)), full magnetic stripe, and PIN / PIN Block.
- Merchant: Any person or department accepting money for goods or services. Includes conference registrations, memberships, fees, etc.
- Credit Card: Any payment card, including debit cards, which is issued by one of the major credit card associations (e.g. Visa, MasterCard, Discover)
- PCI DSS Campus Committee Representatives: The Bursar and designated Information Technology representative at each respective campus location. For purposes of this document, the term Bursar includes the Comptroller at the School of Medicine.
- Payment Application Data Security Standards (PA-DSS): Program developed by Visa to assist software vendors in creating secure payment applications that are PCI DSS compliant. A list of all vendors currently PABP compliant can be found on Visa’s website at PCI Security Standards.
- Payment Application Data Security Standards (PA DSS): Program managed by the Payment Card Industry Security Standards Council (PCI SSC) formerly managed by Visa and known as PABP. PA DSS is a set of standards designed to assist software vendors in developing secure payment applications that comply with PCI DSS requirements. A list of validated payment applications will be listed on the PCI SSC website, https://www.pcisecuritystandards.org/,