The 12 Mandated PCI Compliance Policies: Is Your Organization Doing All It Can?

If you work as a merchant in the payment card industry (PCI) pipeline, then you know that dealing with PCI compliance is a challenge. Sorting through the many rules and regulations is time-consuming and painstaking work; however, the time spent is worth it when you realize that PCI compliance helps provide shelter for you in case there is a breach. We studied the 12 mandated PCI compliance policies and have come up with a few tips for coping with this issue. Let’s start with the basics.

PCI DSS

Payment Card Industry Data Security Standards (PCI DSS) comprises the globally accepted policies and procedures of the payment card industry. The Payment Card Industry Security Standards Council developed and maintains these standards. The payment card industry and all merchants, retailers and other organizations of any size that accept payment by credit cards and process, store, or transmit cardholder financial information or authentication…

PCI Compliance

Does PCI Compliance apply to my business?

Many merchants are confused about what Payment Card Industry (PCI) compliance is. Some are also confused about whether PCI compliance applies to them. The simplest answer is yes, it applies to your business. To understand why the confusion exists, let’s talk about what the PCI standard is and why it is required for all businesses that accept credit cards. The PCI Security Standards Council was formed in 2006 by AMEX, JCB International, Visa Inc., MasterCard and Discover. The Council established the PCI Data Security Standards (DSS), a set of guidelines regarding cardholder data security. The official site for PCI Compliance is a great source of information for merchants. Any merchant or financial institution that handles cardholder data is subject to the PCI DSS Standards. Merchants mistakenly assume that if their credit card processor or merchant services provider doesn’t require them to be PCI compliant, that they…

Common Questions about PCI Compliance

4 Answers to Common Questions About Compliance With PCI Data Security Standards

PCI DSS and the PCI SSC require ASV scans and SAQs for every merchant. Bleh. Enough with all the jargon. Here are some questions that we’ve been asked over the years, with transparent, easy-to-understand answers. When you boil it down, PCI compliance is simple. Let’s start by de-mystifying those acronyms …

PCI DSS – Payment Card Industry Data Security Standards. These are the benchmarks for security that every merchant account that accepts credit cards needs to meet.

PCI SSC – Payment Card Industry Security Standards Commission. Basically this is Visa®, MasterCard®, Discover® and Amex®. They’re technically an independent organization that defines the standards for data security.

ASV – Approved Scanning Vendor. These are companies that are approved to scan your network and tech systems to ensure that they’re in compliance.

SAQ – Self-Assessment Questionnaire. This handy tool lets you do a self-check-up that will help you understand if you’re…
