Understanding PCI compliance can make a person’s head spin. Having never heard of PCI compliance myself, I headed to the internet to try and get the answers. The Payment Card Industry Data Security Standard (PCI DSS) is a great resource but can also be confusing.
The PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, was founded to help facilitate the broad adoption of consistent data security measures on a global basis. The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. These standards are intended to help organizations protect customer account data.
I think in this day and age, we are all concerned about the security of our credit card numbers and someone stealing this sensitive information. Well, PCI compliance is designed to make sure merchants handle any and all credit card numbers in a secure fashion. Whether a merchant does one credit card transaction every six months or thousands in a year, ANYONE who takes credit cards as a form of payment needs to be PCI compliant.
PCI compliance is obtained by the merchant answering a standardized series of questions about the method in which they process credit card numbers. The merchant’s responses to those questions and the company from whom the merchant purchases their PCI compliance will determine what happens next. If you use a company like getpcicertified, you may receive policies and scanning in order to fulfill your PCI compliance.
So, if you are shopping for PCI compliance, make sure you know what you are shopping for and make sure you are treating credit card numbers as top secret, or you may leave yourself open to a data breach that could cost you your business.