What You Need to Know
The PCI Data Security Standards are a set of requirements created by the PCI Security Standards Council. The exact specification is available for download from the Council. The Council was founded by the five major card brands: VISA, MasterCard, American Express, Discover, and JCB. This industry consortium sets the rules for handling credit card information, classifying merchants, and validating merchant compliance. As a merchant, you are responsible for the security of cardholder data and must be careful not to store certain types of data on your systems or the systems of your third-party service providers. You are also responsible for any damages or liability that may occur as a result of a data security breach or other non-compliance with the PCI Data Security Standards. The information security principles contained within these standards are best practices drawn from the National Institute of Standards and Technology (NIST) and from internationally recognized standards for information security practices.
Below is a list of websites explaining in more detail the PCI requirement expectations of the following providers.
PAI Secure is a four-step program that PAI created in recognition of the risks posed to all of our customers. The program will help your business comply with the Payment Card Industry (PCI) Data Security Standard (DSS) requirements and protect you (the business owner) in the event of a data breach.
- Manual Option Self-Assessment Questionnaire
- Data Breach Indemnification
- Network IP Scans
- Automated Self-Assessment Questionnaire Management
Why do I need PAI Secure?
- Are you aware that you are prohibited from storing any cardholder magnetic stripe data?
- Did you know there are security requirements for storage of any cardholder information?
- Do you have a written and communicated policy for data security?
- ALL POS manufacturers are now required to have their terminals and applications certified and listed on the Visa Payment Application Best Practices (PABP) report. Is your equipment PCI compliant?
- If your software version is not listed, your system probably is not compliant.
- Does your system store cardholder data without your knowledge?
- Can you afford a forensic audit costing an average of $10,000 with resulting fines of $25,000 or more?
If you answered “no” or “I don’t know” to any of the questions above, we have the solution for you!
Even if you are aware of the requirements above, keeping up with the ever-evolving world of PCI DSS is difficult at best. PAI Secure is a one-stop solution for