PCI DSS Incident Response Templates
Download a free Payment Card Industry Data Security Standard (PCI DSS) incident response template for MasterCard, Visa and American Express.
MasterCard Specific Steps:
- Within 24 hours of an account compromise event, notify the MasterCard Compromised Account Team via phone at 1-636-722-4100.
- Provide a detailed written statement of fact about the account compromise (including the contributing circumstances) via secured e-mail to firstname.lastname@example.org.
- Provide the MasterCard Merchant Fraud Control Department with the complete list of all known compromised account numbers.
- Within 72 hours of knowledge of a suspected account compromise, engage the services of a data security firm acceptable to MasterCard to assess the vulnerability of the compromised data and related systems (such as a detailed forensics evaluation).
- Provide weekly written status reports to MasterCard, addressing open questions and issues, until the audit is complete to the satisfaction of MasterCard.
- Promptly furnish updated lists of potential or known compromised account numbers, additional documentation, and other information that MasterCard may request.
- Provide the findings of all audits and investigations to the MasterCard Merchant Fraud Control Department within the required time frame and continue to address any outstanding exposure or recommendation until resolved to the satisfaction of MasterCard.
- Once MasterCard obtains the details of the account data compromise and the list of compromised account numbers, MasterCard will:
  - Identify the issuers of the accounts that were suspected to have been compromised and group all known accounts under the respective parent member IDs.
  - Distribute the account number data to its respective issuers.
Visa U.S.A. Specific Steps:
- Contact Visa USA Fraud Control Group immediately at (650) 432-2978
- Participate in all discussions with the compromised entity and Visa USA
- Engage a Visa-approved security assessor to perform the forensic investigation
- Obtain information about the compromise from the entity
- Determine if the compromise has been contained
- Determine if an independent security firm has been engaged by the entity
- Provide the number of compromised Visa accounts to Visa Fraud Control Group within 24 hours
- Inform Visa of investigation status within 48 hours
- Complete the steps necessary to bring the entity into compliance with CISP according to the timeframes described in “What to do if Compromised”
- Ensure that the entity has taken the steps necessary to prevent future loss or theft of account information, consistent with the requirements of the Visa USA Cardholder Information Security Program
American Express Specific Steps:
- Within 24 hours of an account compromise event, notify American Express Merchant Services at (800) 528-5200.
- Prepare a detailed written statement of fact about the account compromise including the contributing circumstances.
- Prepare a list of all known compromised account numbers.
- Obtain additional specific requirements from American Express.