What is PCI Compliance?
Payment Card Industry Data Security Standard (PCI DSS) compliance means meeting a data security standard for the handling of sensitive account data in the processing of credit card information, including debit cards, credit cards, prepaid cards, e-purse, ATM cards, and POS cards. The company that processes the credit card transactions for your business must be PCI compliant at all times. However, because processing involves the proprietary card account information of your customers, it’s extremely important for your business or organization to be PCI compliant as well.
The compliance rules that make up PCI DSS were put in place to increase the controls for sensitive cardholder information and to reduce the possibility of account holder and credit card fraud. When this compliance is in place, the possibility of fraud is lower because the companies that process payments must follow these stringent rules. The current version of the standard is 3.0, which was released on November 7, 2013.
How Does PCI Compliance Happen?
An external organization known as a Qualified Security Assessor (QSA) performs a validation check, through the credit card processing company, on each business to ensure that it is PCI compliant. The validations happen yearly and are followed by a Report on Compliance by the QSA for every company or organization that handles large volumes of transactions. Companies or organizations that handle small amounts of transactions are subject to Self-Assessment Questionnaires instead.
What’s Required to Be PCI Compliant?
Companies and organizations must comply with 12 separate rules under version 3.0 of the PCI DSS to be compliant, to run their business, and therefore to properly handle sensitive payment card information. For businesses that process transactions over an Ethernet connection, the requirements include maintaining a firewall to protect sensitive data, secure system passwords, anti-virus software and more.
Midwest Payment Processing PCI Compliance
Midwest Payment Processing is fully PCI compliant, following all the guidelines set in place by the Payment Card Industry Data Security Standards Council and striving to go above and beyond the requirements of the standard itself. We also ensure that all of our clients are fully PCI compliant, and will even walk them through the certification process. If you have any questions about our security standards, feel free to contact us at any time.