The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment.
What is PCI Compliance?
The PCI DSS is administered and managed by the PCI Security Standards Council (SSC) www.pcisecuritystandards.org, an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover, & JCB).
All merchants and organizations, regardless of size or number of transactions, that accept, transmit or store any cardholder data, must comply with PCI DSS. Merchants that do not comply with PCI DSS may be subject to fines, card replacement costs, costly forensic audits, brand damage, etc., in the event a breach may occur.
All acquirers are responsible for ensuring that all of their merchants comply with the PCI DSS requirements, therefore, all processors are required by the card brands to implement a PCI DSS Compliance Program. Connecting to a competing processor will NOT avoid the need to get into PCI DSS Compliance nor the fee’s involved.
Listed below is a list of helpful links that explain PCI Compliance.
PCI Security Standards – [ www.pcisecuritystandards.org ]
PCI Compliance Guide – [ www.pcicomplianceguide.org ]
PCI DSS Glossary – [ www.pcisecuritystandards.org/pdfs/pci_dss_glossary_v1-1.pdf ]