Analysis of security requirements for payment card industry and problems with their implementation

Rapid development of new technologies and their easy implementation introduces new risks that must be faced. This diploma thesis concentrates at payment card industry. Payment card industry come through significant development. Billions of dollar each year flow through these systems. New technologies like contactless cards, prepaid brand cards are emerging, ATM and payment terminal support new services and products. Merchant are looking for new opportunities. This situation brings along new threats and introduces new vulnerabilities. These are not necessarily new, only the whole environment got much more complicated and digger. Unfortunately the acting threats and vulnerabilities were not eliminated. Missing legislation measures and restricted enforceability are not sufficient to effectively fight against crime in this area. On the other hand sever organizations are aware of these threats and tries to face them. New security requirements were introduced for each separate subjects of payment card industry so that the risks are eliminated or their impact is reduced to an acceptable degree. Some of these requirements were already implemented and are in the scope of this work. The goal of this work is to explore these requirements. To find out what risks they are affecting and how effective they are. And in case of need help to implement the appropriate security measure. This work is practically oriented and can help responsible persons to ensure compliance with the requirements and face all effecting threats.