Pages

Wednesday, 3 October 2012

A Guide to PCI Compliance

By Karen Carter


If you are a merchant then one of the things that you might find yourself asking is "What is PCI compliance?" First you must understand what PCI is. PCI is the acronym for Payment Card Industry. Payment Card Industry is basically like saying the top five companies that are known for their payment card processing. These five companies are American Express, Discover, Japanese Credit Bureau, Mastercard, and Visa. They are known for their logos and their logos are actually accepted around the globe in many different places.

They have years of experience with online transactions by the PCI industry. PCI industry is comprised of top five payment card processors, Visa, Mastercard, American Express, JBC, and Discover. Combined, they have seen every, and any type of malicious threat to their processing systems that ever existed. The old joke quotes a bank robber who they asked why he robs banks, he responded, "that is where the money is". Well, in today's language, people with malicious intent focus on payment processor sites, because "that is where the money is".

Level 3: Your company has 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor. Level 4: You have less than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. Must complete a Self-Assessment Questionnaire (SAQ) annually, and requires a network scan with an approved scanning vendor.

This might include a deadline in which certain things might have to be completed in a specific time frame. The things that they PCI compliance is asking for are not anything that should not already be done anyways. They maintain that you have to have a secure connection and that there are appropriate firewalls preventing someone from being able to hack into the system by the compliance deadline.

So by maintaining proper security standards there is not going to be a cost of PCI compliance. The problem is that the fines are rather heavy if you are not in compliance. Now if you have to change some things and this ends up costing you some money you can always consider the cost of the fines and the reputation of your business if you had chosen to not follow through with this important compliance. In the end you will easily see how this is a much cheaper option then taking your chances on being fined.




About the Author:



1 comment:

  1. Our customizable online system means that you don’t have to buy or install any software, and you can access the system from anywhere. We can assist you with front end/back end processing, automated returns and exceptions handling, detailed reporting, and risk management functionality. You can make all file changes directly, so there’s no need for file recalls.
    ACH Processing

    ReplyDelete