Security standards for the payment card industry
With over a billion non-cash transactions happening around the world every day, have you ever wondered how everyone keeps track of all the electronic funds moving around the globe and how every single payment point keeps to shared security standards?
PCI compliance is the answer, or more precisely, compliance with the Payment Card Industry Data Security Standard (PCI DSS).
Companies that provide payment services such as debit and credit cards - like Visa, MasterCard, American Express, Discover and JCB - receive huge amounts of sensitive data from merchants every day, which they need to store, process, and transmit securely. To achieve this, these financial service providers created an independent body to regulate and administer security standards, ensuring that all merchants keep to the regulations designed to combat credit card fraud.
The standards are organized into 12 steps that cover network security, data protection, vulnerability management, access control, monitoring, and information security policy.
The PCI Security Standards Council website contains all the up-to-date payment standards that PCI compliance requires from businesses. Depending on their annual transaction volumes, merchants are categorized into four levels, each with its own set of regulations.
Assessments are carried out annually, either by a dedicated assessor for larger-volume merchants or through a self-submitted questionnaire for smaller businesses.
Who needs PCI compliance?
PCI compliance applies to all entities or individuals who take non-cash payment for any type of goods or services through one of these third-party financial service providers: Visa, MasterCard, American Express, Discover or JCB.
Does your business need to be PCI compliant?
Yes. Although PCI compliance is not required by law, businesses found to be out of compliance with PCI standards may be subject to fines by the entity they use to process their card transactions.
What's more, if your payment system is breached and your customers' data is stolen, you may be found liable for any losses incurred by banks and financial service providers, charged for card replacement costs, or sued for brand damage.
Businesses that have multiple branches under the same tax ID only have to demonstrate their compliance once annually, covering all their Points Of Sale (POS).
A Point Of Sale (POS) is how you charge the customer for a non-cash payment, either locally at your business location through a card reader or online using an Internet Protocol (IP)-based POS.
Ultimately, PCI compliance is the world's only regulated and comprehensive means to protect your business from non-cash payment fraud, ensuring a healthy working relationship with financial service providers and maintaining essential consumer trust.
Article Source: http://EzineArticles.com/expert/Sumit_John/2285027