PCI DSS Training

A trio of PCI DSS training courses – with targeted content based on each employee's role – covering the purpose, evolution and benefits of PCI DSS and diving into the security best practices to accept, handle and store credit card data.

Safeguard Credit Card Data with PCI DSS Training

Any business that transmits, stores, handles or accepts credit card data needs PCI DSS training. 

Some of today’s worst data breaches involve stolen payment information, resulting in violations of the Payment Card Industry Data Security Standard (PCI DSS), a standard for organizations that deal with credit card data. PCI DSS compliance protects both organizations and consumers by putting security measures in place to take credit card payments securely and to keep personal data from purchases away from unauthorized parties, which helps avoid fraudulent activity.

GLS offers PCI DSS training in three formats:

PCI-DSS Introduction Course

This comprehensive course covers the latest information on PCI DSS version 3.1. It contains not only the basics of PCI DSS but also advanced content including compliance requirements, consequences of non-compliance, responsibilities of each department and best practices for employees to ensure compliance.

PCI-DSS for Retail

People want to know their personal information is safe when making a transaction. With PCI-DSS training that teaches employees to recognize and avoid fraudulent activity, retailers create the trust needed for consumers to continue patronizing their business.

PCI-DSS Introduction Essentials

This course is a shorter version of the PCI DSS Introduction training 5610. It covers the most essential content: An overview of PCI DSS, how to protect cardholder data, and steps that employees should follow for complying with PCI DSS requirements.

Check back for PCI DSS 4.0 training coming soon!

PCI DSS Introduction – Course Description

Module 1: Defining PCI DSS

  • Overview – who created the PCI DSS standard and the purpose of PCI DSS
  • The key technology used by PCI DSS to protect payment cards – EMV chip, card identification, primary account numbers, CVV and magnetic stripe
  • Differentiating between Card Present and Card Not Present transactions

Module 2: Protecting Cardholder Data

  • Importance and benefits of protecting cardholder data
  • Consequences of non-compliance with PCI DSS
  • Typical vulnerabilities that can lead to data security breaches

Module 3: Evolution of PCI DSS

  • History and evolution of PCI DSS as a security standard
  • Key characteristics of the current standard (PCI 3.0)
  • Brief discussion of the latest dot release (PCI 3.1)

Module 4: PCI DSS Requirements

  • The six control objectives merchants need to achieve to comply with PCI DSS
  • How technology requirements work to protect cardholder data

Module 5: Complying with PCI DSS

  • List of businesses that need to comply with PCI DSS
  • Departments of a typical organization that need to comply with PCI DSS
  • Steps that employees should take to prevent credit card fraud
  • Steps that employees should take when fraud occurs

Module 6: Summary and Test

  • Course summary
  • Knowledge check


PCI DSS for Retail – Course Description

Role Selection
Depending on their duties in the organization, users select from one of the following roles:

    • Handling in-person transactions only
    • Handling phone, mail, fax or ecommerce transactions only
    • Handling both in-person and other forms of transactions
    • Playing a leadership role in securing in-person transactions only
    • Playing a leadership role in securing phone, mail, fax or e-commerce transactions only
    • Playing a leadership role in securing both in-person and other forms of transactions

Module 1: Introduction to PCI-DSS

    • What is PCI-DSS?
    • The payment card players involved in a transaction: card issuer, merchant, and cardholder
    • Description and importance of Cardholder Data (CHD) and Sensitive Authentication Data (SAD)
    • Important details of CHD and SAD
    • Strategies that criminals use to steal card data
    • Requirements of PCI DSS

Module 2: Card Present Environment

    • What is a card present environment?
    • Types of payments linked to payment cards
    • The various payment card security features
    • Different ways of accepting card present payments:
    • The processing flow for magnetic stripe transactions
    • Other types of card payments
    • How to protect card devices
    • How to identify suspicious customer behavior
    • Recognizing the signs of a false card

Module 3: Card Not Present Environment

    • What is a card not present environment?
    • How to accept card not present payments
    • How to process card not present payments by phone, mail or fax
    • Best practices for MOTO and fax transactions
    • Best practices for handling payment equipment
    • Best practices for storing and destroying payment data
    • Best practices for e-commerce transactions
    • How to protect the company from fraud
    • Cybersecurity best practices
    • Module summary

Module 4: Advanced Topics

  • Consequences of non-compliance with PCI-DSS
  • Understanding PCI-DSS requirements
  • Asking for ID with a payment card: the legal and PCI/card network position
  • Understanding additional transaction types
  • Reporting a potential security incident (Code 10)
  • Recognizing terminal tampering
  • Understanding physical attack vectors such as shoulder surfing, dumpster diving and device theft
  • Avoiding social engineering attacks such as spear phishing and tailgating
  • Cybersecurity best practices
  • Best practices for e-commerce

Module 5: Final Test

 

Upon completion, learners will be able to:

PCI DSS Introduction Essentials – Course Description

Module 1: Defining PCI DSS

  • Overview – Who created the PCI DSS standard and the purpose of PCI DSS
  • The key technology used by PCI DSS to protect payment cards – EMV chip, card identification, primary account numbers, CVV and magnetic stripe
  • Differentiating between Card Present and Card Not Present transactions

Module 2: Protecting Cardholder Data

  • Importance and benefits of protecting cardholder data
  • Consequences of non-compliance with PCI DSS
  • Typical vulnerabilities that can lead to data security breaches

Module 3: Complying with PCI DSS

  • List of businesses that need to comply with PCI DSS
  • Departments of a typical organization that need to comply with PCI DSS
  • Steps that employees should take to prevent credit card fraud
  • Steps that employees should take when fraud occurs