Online Payments: Bridging the Gap Between Fraud Prevention and Data Protection Compliance

Presented at IAPPEuDPC 2014 by

Reducing the risk of credit card fraud is a necessity for any organization—no matter how big or small—that handles cardholder information and accepts payments online. Compliance with the international Payment Card Industry Data Security Standard (PCI DSS) is compulsory for ensuring the security of transactions. However, the need to fight fraud, which implies monitoring, profiling or blacklists, can be difficult to reconcile with data protection compliance. The French data protection authority, the CNIL, has built up new data protection guidance based on the PCI DSS technical standards to regulate online payments and the storage of credit card details.

In this session, we will explain how the standards affect you and how to ensure compliance. We will look at enforcement actions and highlight differences between jurisdictions across Europe, and will also assess industry needs against the provisions of the draft European data protection regulation.

What you’ll take away:

· A practical understanding of how the requirements affect you
· Exclusive insight into the stance of the CNIL and other data protection authorities
· An analysis of whether industry needs are properly dealt with in the draft European data protection regulation