Levels of PCI Compliance

The 4 Merchant Levels of PCI Compliance

The regulation of payment cards is relatively new. But compliance with Payment Card Industry (PCI) standards is vital. The origins of PCI standards were in the 1990s, really the dawn of the modern era of computers. The security standards were developed because of serious incidence of credit card fraud once credit cards started being used for internet payments. Between 1988 and 1998, Visa and MasterCard reported credit card losses of $750 million. Although this is a sizable amount of money, it is a small percentage of the hundreds of billions of dollars in transactions recorded annually. History of PCI Security Standards Council (SSC) As increasing numbers of merchants began rolling out online commerce websites with poorly secured data systems, the rate of credit card fraud increased dramatically. The increasing rate of fraud prompted the development of industry security standards. In 2000, online credit card fraud grew to $1.5 billion, and the rate of fraud would…

Read Full Post
What is PCI Compliance

What is PCI Compliance? Common Questions Answered

If your business accepts any credit cards, then it is important to know what PCI Compliance is and how it applies. Knowing and abiding by the guidelines can save your organization from an expensive legal battle and ensure that your customers have the best security behind their purchases. Here are a few common questions regarding PCI Compliance: What is PCI Compliance? PCI (or Payment Card Industry) compliance requires following a defined the set of standards developed by the PCI Security Standards Council (which consists of AMEX, JCB, Visa, MasterCard and Discover). These standards apply to any company that accepts credit card payments, and all standards share the goal of providing and maintaining a secure network for customers that purchase via credit card. Who Sets The PCI Standards? The Payment Card Industry Security Standards Council establishes and sets the standards that must be followed by all merchants that accept credit cards. This council is managed by an…

Read Full Post
What's a PCI QSA

What Does a PCI Certified QSA Do?

What exactly is a PCI certified QSA? Should I hire one for my business? Perhaps these are questions you have asked yourself. Knowing what exactly they do and if they are necessary can be a complicated affair. However, if you are interested in learning more about PCI certified QSAs, you have come to the right place. We hope this will be a helpful and informative resource for you and will give you the information necessary to determine for yourself whether or not a PCI certified QSA is right for you. What is a PCI Certified QSA? A PCI certified QSA (qualified security assessor) is an individual who handles compliance auditing and consulting in the payment card industry. A PCI certified QSA assesses a business that deals with credit card data to ensure that they meet the necessary requirements of the PCI Standard. These security assessors must meet specific requirements in…

Read Full Post
Security Standards and Services

The 12 Mandated PCI Compliance Policies: Is Your Organization Doing All It Can?

If you work as a merchant in the payment card industry (PCI) pipeline, then you know that dealing with PCI compliance is a challenge. Sorting through the many rules and regulations is time-consuming and painstaking work; however, the time spent is worth it when you realize that PCI compliance helps provide shelter for you in case there is a breach. We studied the 12 mandated PCI compliance policies and have come up with a few tips for coping with this issue. Let’s start with the basics. PCI DSS Payment Card Industry Data Security Standards (PCI DSS) comprises the globally accepted policies and procedures of the payment card industry. The Payment Card Industry Security Standards Council developed and maintains these standards. The payment card industry and all merchants, retailers and other organizations of any size that accept payment by credit cards and process, store, or transmit cardholder financial information or authentication…

Read Full Post
PCI Compliance

Does PCI Compliance apply to my business?

Many merchants are confused about what the Payment Card Industry (PCI) compliance is. Some also find themselves confused on whether PCI compliance applies to them. The simplest of answers is, yes, it applies to your business. To understand why the confusion exists, let’s talk about what the PCI standard is and why it is required for all businesses that accept credit cards. The PCI Security Standards Council was formed in 2006 by AMEX, JCB International, Visa Inc., MasterCard and Discover. The Council established PCI Data Security Standards (DSS) which is a set of guidelines regarding cardholder data security. The official site for PCI Compliance, contains a great source of information for merchants. Any merchant or financial institution that handles cardholder data is subject to the PCI DSS Standards. Merchants mistakenly assume that if their credit card processor or merchant services provider doesn’t require them to be PCI compliant, that they…

Read Full Post