MERCHANT SECURITY IS OUR TOP PRIORITY
PCI COMPLIANCE: AN IMPORTANT FIRST STEP
The Payment Card Industry Data Security Standard (PCI DSS) was implemented to enhance cardholder data security and establish a consistent data security standard throughout the globe.
There are twelve requirements for PCI compliance that vary from protecting and restricting access to stored cardholder data to maintaining information security policies.
PCI also applies to everyone involved in the transaction processing including merchants, processors, issuers, service providers, acquirers, and anyone who handles sensitive cardholder or authentication data.
What is PCI compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is a security standard set forth by the Payment Card Industry Security Standards Council (PCI SSC). Compliance is validated through either a Qualified Security Assessor or by a Self-Assessment Questionnaire (SAQ) for smaller-volume companies.
Do I need to be PCI compliant?
If your organization is involved with the transmission, storage, or use of payment card processing information in any regard, then the PCI DSS applies. This includes storefront retailers in addition to e-commerce merchants.
Visa, MasterCard, and other major card brands require their merchants to be compliant with the PCI DSS.
How do I become PCI compliant?
The first key to becoming PCI compliant is to understand what is outlined in the PCI DSS. The PCI DSS Quick Reference Guide (PDF) is a good place to start, as it outlines six goals and twelve steps of compliance. Once you are familiar with the general idea of what PCI compliance requires, contact your merchant services provider. Because not every business has the same security needs, they will be able to inform you exactly what is needed to become compliant.
WHAT HAPPENS IF I AM NOT PCI COMPLIANT?
The fines levied by credit card institutions and banks against non-compliant merchants can reach $500,000 depending on the severity of the non-compliance and any issues or security breaches that may have resulted.
Should a breach have occurred, other fines could include a fee for each cardholder that was compromised, the loss of the business’ merchant account, and the suspension or termination of credit card acceptance. Consumer trust is also affected and potential legal issues could arise for failing to protect sensitive information as well.
In addition to these incidental fines, a noncompliance fee may be billed to your merchant account every month your business is out of compliance.
Are you PCI compliant?
If you are uncertain of your PCI compliance status, please get in touch with your merchant services provider. If you are processing with Advanced Merchant Group, please click here to send us an e-mail.
If you’re interested in lowering your monthly processing rates, or found this information helpful and would like to learn more about merchant services, feel free to contact us!
We’d love to here from you!