The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payments, and to store, process or transmit cardholder data, you need to host your data securely with a PCI-compliant hosting provider.
According to the PCI Security Standards Council, there are 12 PCI compliance requirements that meet a variety of security goals. These goals are: building and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures and maintaining an information security policy. Here's your guide to the four different levels of PCI compliance as mandated by the major payment card brands, Visa and Mastercard, as well as action items for each.
If you are not compliant, you can be fined very heavily by the bank. This is because the bank is itself being fined by the credit card processing companies, and it passes the fine on to you as the customer who was under contract with it and consequently broke that contract. So, to avoid that cost, it is essential that you actually focus on the agreement and understand what is required of you. This might include a deadline by which certain things have to be completed. The things that PCI compliance asks for are nothing that should not already be done anyway. It requires that, by the compliance deadline, you have a secure connection and appropriate firewalls in place to prevent someone from being able to hack into the system.
Level 3 merchants have 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor. If you are a Level 4 merchant, you have fewer than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor.
By narrowing down what level and type of merchant you are, you're well on your way to becoming PCI compliant! PCI compliance is very important to your business and for your customers. Don't take it lightly.
About the Author:
Looking to find the best deal on PCI compliance? Visit www.trust-guard.com to find the best advice on the PCI compliance standards for you.