Payment card industry (PCI) compliance is mandated by credit card companies to help ensure the security of credit card transactions in the payments industry. Payment card industry compliance refers to the technical and operational standards that businesses follow to secure and protect credit card data provided by cardholders and transmitted through card processing transactions.
Financial data, especially credit card numbers, pose an obvious DLP risk. Banks, financial institutions, and others concerned with protecting financial data typically use Nightfall’s payment card detectors.
Please see below for a Detection Rule Template for PCI Compliance:
Logical Operator: Flag as finding if ANY of these detectors are triggered
Credit Card Number
US social security number (SSN)