Payment Card Industry Compliance

Payment Card Industry (PCI) Compliance is a complex and multi faceted issue facing merchants, software companies, and processors. The major credit card companies, Visa, MasterCard, American Express, and Discover created regulations called Payment Card Industry Data Security Standards (PCI – DSS) to help prevent theft of sensitive cardholder data.

Recent mandates by the PCI Security Standards Council require all processors to ensure merchant businesses are compliant, which includes the use of compliant payment applications by July 1, 2010.

Premier Merchant Services is taking this mandate very seriously which is why we have partnered with Spectrum, Transfirst and Control Scan to provide our Merchants with a seamless and easy process.

PCI Overview

The Payment Card Industry Data Security Standard (PCI DSS) is a mandatory global standard established by the major card associations to ensure the protection of cardholder data. Based on twelve guidelines, the PCI DSS requires merchants to make their physical and virtual environments secure to ensure protection of cardholder data. As a merchant accepting credit cards as a form of payment, you are required by the card associations to adhere to the PCI DSS. The PCI DSS encompasses the security programs from Visa, MasterCard, Discover, and American Express, Cardholder Information Security Program (CISP) and Site Data Protection (SDP), respectively.

The PCI DSS sets technology requirements such as the use of data encryption, end-user access control, and activity monitoring and logging. It also includes procedural mandates, such as the need to implement formal and documented security policies and vulnerability-management programs. They were developed to ensure that cardholder data is protected throughout the transaction process. Compliance with the standard applies to all types of merchants, retail, MO/TO, and Internet. All merchants need to follow best practices for storage and destruction of all paper or electronic records containing account numbers or cardholder data. Additionally, merchant service providers processing credit cards need to be PCI compliant.

Importance of PCI Data Security Standard Compliance and/or Certification

It is clear that ensuring the safety of your customers' cardholder information can help your business strive to create and maintain a positive image, enhance customer confidence and even assist in improving your bottom line. Additional benefits include:

  • By adhering to the data security regulations businesses can significantly reduce their exposure to fraud losses resulting from the theft of cardholder data.
  • Compliance with the programs can lead to enhanced consumer confidence, which can result in higher sales.
  • Compliance with the PCI DSS is mandatory. If you and your service providers are not compliant with the PCI DSS, the card associations could levy fees and fines against you and your credit card processing services could be terminated.

© Copyright 2013 Premier Merchant Services