Card Industry Data Security Standard (PCI DSS) is a set of
comprehensive requirements for credit card account data security,
developed by a council, including American Express, Discover
Financial Services, JCB International, MasterCard Worldwide, and
Visa, Inc., to help facilitate the broad adoption of consistent
data security measures on a global basis.
The PCI DSS security standard includes requirements for security
management, policies, procedures, network architecture, software
design and other critical protective measures. This comprehensive
standard is intended to help organizations proactively protect
customer account data.
Our general security recommendations to units is that they do
NOT store ANY sensitive Cardholder Data.
The UB Financial Services Office and the Information Security
Officer (ISO) work with departments and schools that accept,
process, store, and transmit credit card data to ensure that all
merchant IDs at UB are in compliance with PCI DSS. PCI standards
apply to all types of payments, including in-person, mail,
telephone, and Web transactions. UB is committed to maintaining the
security of customer information, including payment cardholder
number, name, expiration date, and verification number, and follows
best practices for protecting payment card information.