|
What is PCI ComplianceThe Payment Card Industry Data Security Standard (PCI DSS) was established by credit card issuers in 2004 to help organizations that accept credit cards prevent fraud and other security threats related to payment processing. The latest version (Version 1.2) of the PCI DSS was released on 3/31/09.The PCI DSS applies to both merchants and merchant service providers involved with payment processing. In other words, any organization that processes, stores or transmits credit card numbers must be in compliance with the most recent standard or risk losing payment processing privileges. Non-compliance can also result in an audit and/or a fine by the card associations. The PCI Security Standards Council, a consortium of credit card issuers that includes Visa, MasterCard, Discover and American Express, oversees compliance with the standard, which stipulates 12 requirements in six categories: Build and Maintain a Secure Network, Protect Cardholder Data, Maintain a Vulnerability Management Program, Implement Strong Access Control Measures, Regularly Monitor and Test Networks, and Maintain an Information Security Policy. The latest version (Version 1.2) of the PCI DSS was released in October 2008. All merchants and merchant service providers must be in compliance with the new standard or risk losing payment processing privileges. Non-compliance can also result in an audit and/or a fine by the card associations. Any organization accepting credit cards is responsible for staying informed about the latest requirements in the PCI DSS and for adjusting internal policies and practices to remain in compliance. At BCSW, we stay on top of new developments in the PCI standard so that we can remain in compliance ourselves and give you the best advice possible. Questions about the PCI DSS or preventing fraud in general? Call us now at (800) 838-9699. Questions about the PCI DSS or preventing fraud in general? Call us now at (800) 838-9699. |