Requirements for information security for participants of the transaction infrastructure market

The article considers information security requirements for participants of the transactional infrastructure market, these requirements are described in the PCI DSS standard, developed with the participation of international payment systems. The author describes the six control areas described in the standard: the construction and maintenance of a secure network; data protection for cardholders; support for the vulnerability management program; implementation of measures for strict access control; regular monitoring and testing of the network; support of the information security policy. The problems of each of the control areas are disclosed and the requirements of the PCI DSS standard are prepared in detail.