What is PCI compliance?
Payment Card Industry Data Security Standards (PCI DSS) are network security and business practice guidelines adopted by Visa, MasterCard, American Express, Discover Card, and JCB to establish a 'minimum security standard' to protect customer’s payment card information. It is a requirement for all merchants that store, transmit, or process payment card information.
How does my business become PCI compliant?
The easiest way to become compliant is to use PayU Business or if you intend to store, transmit, or process payment card information; the responsibility of being PCI compliant remains with you by ensuring that you:
- Build and maintain a secure network to protect payment card information
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Pass quarterly remove vulnerability scans
- And more …
Who created the PCI DSS standard?
The Payment Card Industry Security Standards Council (PCI SSC) was formed, in September 2006, by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB.) as an independent body to administer and manage the PCI DSS standard.
Why was the PCI DSS standard created?
The PCI DSS standard was created in response to a spike in data security breaches related to credit card use; and to prevent credit card fraud through increased controls for card data and the possibility of it being compromised by its exposure.
Who needs to comply with the PCI DSS standard?
PCI DSS applies to ALL organisations or merchants, regardless of size or number of transactions; that accepts, transmits or stores any card-holder data. In other words; if any customer of an organisation makes a direct payment to the merchant by means of a credit card or debit card, then the PCI DSS standard apply.
Contact us to enquire if you need to comply.