PCI DSS OVERVIEW
‘PCI’ stands for Payment Card Industry and ‘DSS’ stands for Data Security Standards. This Standard includes requirements for any business that stores, processes or transmits payment cardholder data. The five major card brand networks (Visa Inc., MasterCard Worldwide, American Express, Discover Financial Services, and JCB) established the PCI DSS requirements. These requirements specify the framework for a secure payments environment. Failure to comply with PCI DSS requirements can result in fines and may also result in losing the ability to accept credit cards in your place of business.
PCI DSS REQUIREMENTS
Definitions and further details on PCI DSS may be found at the industry supported website www.pcisecuritystandards.org. This portal is used to simplify specific steps within the PCI DSS process. To get started, there are up to 2 steps as defined below:
- Self-Assessment Questionnaire (SAQ) is an annual requirement. The SAQ is a validation tool for merchants who are not required to do on-site assessments for PCI DSS compliance. This questionnaire should also be updated periodically, should you change how you handle card holder data or at least once per year, and
- Security Scans may be required quarterly for any merchant processing cardholder data via an Internet connection. Scans are performed on the external facing IP address(es) to identify potential vulnerabilities. The scan will help you identify necessary steps to protect cardholder data.
Questions? We are here to help
READY TO ENSURE YOU ARE PCI COMPLIANT?
Fill out this form and we will be in contact with you shortly.