ePrints.FRI - University of Ljubljana, Faculty of Computer and Information Science

Introduction of card payment system in a merchant company

Anja Štrukelj (2015) Introduction of card payment system in a merchant company. EngD thesis.


    Abstract

    The thesis is about PCI DSS, which stands for Payment Card Industry Data Security Standard. PCI DSS represents a unified approach to the protection of sensitive card data and to the prevention of abuse in the payment card industry. Implementing the standard in a company provides a higher level of security, maintains confidence, and protects against abuse and, consequently, against financial losses and loss of reputation. When paying with credit cards, the first link in the chain of events is a merchant that accepts payment cards. Right behind the merchant are different types of processors that process payment card information. These include payment processing centers, which are a link between the merchant and the bank. The third link in the chain is the banks, which have a contractual relationship with both the cardholder and the merchant who is willing to accept payment cards. All of these organizations must implement the PCI DSS standard in their systems if they want to do business with credit cards. In this thesis we focus on the implementation of the PCI DSS standard in the company of a large merchant. The goal of this thesis is to explore possible solutions for implementing the PCI DSS standard in the company of a large merchant and to find out whether the chosen solution is really the optimum choice. In the first part we describe what the PCI DSS standard is and what requirements must be met in order to achieve compliance with the standard. We describe the concept of PCI scope and name the reasons why it is necessary to minimize it. In the second part we analyze the possible solutions for implementing the standard in the company. We describe the process of implementing the selected solution in the company. We describe the components of the system that are responsible for ensuring compliance with PCI DSS, which are a product of our own development. Finally, we analyze whether the selected solution was really optimal and suggest improvements and measures.

    Item Type: Thesis (EngD thesis)
    Keywords: PCI DSS, standard implementation, merchant, payment card industry, POS terminal, security solution provider
    Number of Pages: 52
    Language of Content: Slovenian
    Mentor / Comentors:
    Name and Surname | ID | Function
    doc. dr. Andrej Brodnik | 5540 | Mentor
    Link to COBISS: http://www.cobiss.si/scripts/cobiss?command=search&base=51012&select=(ID=1536259523)
    Institution: University of Ljubljana
    Department: Faculty of Computer and Information Science
    Item ID: 2948
    Date Deposited: 17 Mar 2015 10:26
    Last Modified: 03 Apr 2015 10:43
    URI: http://eprints.fri.uni-lj.si/id/eprint/2948
