PCI

PCI Compliance Checklist: 12 Requirements Explained

What is PCI Compliance? If you currently accept or are planning on accepting payment card transactions, you’ve probably heard of PCI Compliance. It can be tricky to implement, but the reasoning behind PCI is straightforward. No one — not businesses, consumers, or issuing banks want to be the cause or victim of a payment security breach, so PCI was created to help isolate liability and reduce breaches. Or more formally: The Payment Card Industry Data Security Standard (PCI DSS) is a set of standards created by major payment card companies to protect consumers and avoid liability by forcing businesses involved in the payment card ecosystem to implement safety measures and processes. Got it? Great. Why payment security matters The security of cardholder data affects your businesses, your customers, and the entire payment card ecosystem. If a breach occurs at your business, you’ll lose customers, you’ll have to pay numerous, often…

Read Full Post
Levels of PCI Compliance

The 4 Merchant Levels of PCI Compliance

The regulation of payment cards is relatively new. But compliance with Payment Card Industry (PCI) standards is vital. The origins of PCI standards were in the 1990s, really the dawn of the modern era of computers. The security standards were developed because of serious incidence of credit card fraud once credit cards started being used for internet payments. Between 1988 and 1998, Visa and MasterCard reported credit card losses of $750 million. Although this is a sizable amount of money, it is a small percentage of the hundreds of billions of dollars in transactions recorded annually. History of PCI Security Standards Council (SSC) As increasing numbers of merchants began rolling out online commerce websites with poorly secured data systems, the rate of credit card fraud increased dramatically. The increasing rate of fraud prompted the development of industry security standards. In 2000, online credit card fraud grew to $1.5 billion, and the rate of fraud would…

Read Full Post
What is PCI Compliance

What is PCI Compliance? Common Questions Answered

If your business accepts any credit cards, then it is important to know what PCI Compliance is and how it applies. Knowing and abiding by the guidelines can save your organization from an expensive legal battle and ensure that your customers have the best security behind their purchases. Here are a few common questions regarding PCI Compliance: What is PCI Compliance? PCI (or Payment Card Industry) compliance requires following a defined the set of standards developed by the PCI Security Standards Council (which consists of AMEX, JCB, Visa, MasterCard and Discover). These standards apply to any company that accepts credit card payments, and all standards share the goal of providing and maintaining a secure network for customers that purchase via credit card. Who Sets The PCI Standards? The Payment Card Industry Security Standards Council establishes and sets the standards that must be followed by all merchants that accept credit cards. This council is managed by an…

Read Full Post
What's a PCI QSA

What Does a PCI Certified QSA Do?

What exactly is a PCI certified QSA? Should I hire one for my business? Perhaps these are questions you have asked yourself. Knowing what exactly they do and if they are necessary can be a complicated affair. However, if you are interested in learning more about PCI certified QSAs, you have come to the right place. We hope this will be a helpful and informative resource for you and will give you the information necessary to determine for yourself whether or not a PCI certified QSA is right for you. What is a PCI Certified QSA? A PCI certified QSA (qualified security assessor) is an individual who handles compliance auditing and consulting in the payment card industry. A PCI certified QSA assesses a business that deals with credit card data to ensure that they meet the necessary requirements of the PCI Standard. These security assessors must meet specific requirements in…

Read Full Post
Security Standards and Services

The 12 Mandated PCI Compliance Policies: Is Your Organization Doing All It Can?

If you work as a merchant in the payment card industry (PCI) pipeline, then you know that dealing with PCI compliance is a challenge. Sorting through the many rules and regulations is time-consuming and painstaking work; however, the time spent is worth it when you realize that PCI compliance helps provide shelter for you in case there is a breach. We studied the 12 mandated PCI compliance policies and have come up with a few tips for coping with this issue. Let’s start with the basics. PCI DSS Payment Card Industry Data Security Standards (PCI DSS) comprises the globally accepted policies and procedures of the payment card industry. The Payment Card Industry Security Standards Council developed and maintains these standards. The payment card industry and all merchants, retailers and other organizations of any size that accept payment by credit cards and process, store, or transmit cardholder financial information or authentication…

Read Full Post