6 Best Practices for Getting Started with PCI CompliancePAI – Feb 1st, 2013
In the United States, all credit card companies require merchants who accept credit cards as payment to be PCI (Payment Card Industry) Compliant. What this means is that the merchant must strictly follow a set of specific security standards defined as the Payment Card Industry Data Security Standards (PCI DSS). These standards are designed to ensure that all companies who process, store, or transmit credit card information maintain a secure environment that keeps themselves, consumers, and financial institutions safe.
While PCI compliance is a critical step in protecting consumers from threats such as fraud and identity theft, it is equally important for the protection of merchants. As a merchant, you are entrusted by customers to keep their sensitive data safe and out of the wrong hands. Not fulfilling your duty to keep their information safe would result in a significant loss in both sales and relationships with customers. In addition, you could also be charged expensive fees and lose your ability to accept payment cards. By staying PCI compliant, you are ensuring that your systems are secure and customers can trust you with their sensitive information.
If you are a merchant, there are several things you can do to ensure that you’re staying as safe as possible.
Six Best Practices to Get Started with PCI Compliance
- Education is key – Do research and educate not only yourself, but also your employees. Everyone involved in transactions should be aware of PCI compliance and what it takes to ensure a safe and secure payment card environment.
- Do some digging – Identify if/where sensitive cardholder data exists in your business environment. If you don’t think you have any, do some digging, you might be surprised.
- When it doubt, don’t store it - Unless it is absolutely necessary, never store or keep sensitive cardholder data.
- Know where you stand - Determine your PCI Classification, and the requirements to comply. Work with your merchant services provider to identify where you stand.
- Make changes – Once you’ve educated yourself and your employees, implement changes in your business to address any non-compliant findings.
- Keep it up – PCI compliance is ongoing. Stay compliant through ongoing security maintenance and compliance with PCI Data Security Standards.
PCI compliance is constantly evolving in order to stay ahead with best practices and regulations to fight back against criminal threats. Take PCI compliance seriously, and do your part to protect both consumers and yourself.
Get more information about PCI Compliance and the PAI Secure program.
Tags: [PCI Compliance] – [Credit and Debit Cards]