The Payment Card Industry Data Security Standard (PCI DSS) can be pretty confusing. The technical details and numerous requirements can make compliance intimidating. However, establishing and maintaining compliance is incredibly important. Luckily, we’re here to help!
The technical definition of PCI is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment. So, that explains everything. Right?
In case you’re still a little confused, PCI DSS was basically designed to make sure that companies that accept credit cards as a form of payment handle your credit card number, and some other info stored on your credit card, safely. PCI DSS makes sure that this sensitive data cannot be stolen easily by anyone else who may try to illegally access your information. This sensitive data includes…
- CVV2, CVC2 & CID codes
- Expiration date
- Full name on credit card
Needless to say, exposing this information to the wrong people can have negative consequences. In addition to seriously damaging your reputation as a business, your customers can have their bank accounts hacked or their identity compromised.
A lot of people think PCI requirements are just for companies that accept payment through their website. In fact, any business that accepts credit cards as a form of payment must be PCI DSS compliant. This includes…
- Online transactions
- In-person transactions
- Over-the-phone transactions
Even if you only take one credit card as payment, you still need to be compliant. And, if you utilize a third-party site, like PayPal or Google Checkout, you still have to be compliant.
Penalties for non-compliance:
- Fines ranging from $5000 to $500,000 PER INCIDENT!
- Loss of ability to process credit card payments
- Placement on the Visa/MasterCard Terminated Merchant File (TMF) – This is really, really bad. You most likely won’t be able to remove yourself from this list.
- Insurance claims
Breakdown of guidelines: