PCI DSS Overview
‘PCI’ stands for Payment Card Industry and ‘DSS’ stands for Data Security Standard. This standard includes requirements for any business that stores, processes or transmits payment cardholder data. The five major card brand networks (Visa Inc., MasterCard Worldwide, American Express, Discover Financial Services, and JCB) established the PCI DSS requirements. These requirements specify the framework for a secure payments environment. Failure to comply with PCI DSS requirements can result in fines and may also result in losing the ability to accept credit cards in your place of business.
PCI DSS Requirements
Definitions and further details on PCI DSS may be found at the industry-supported website: www.pcisecuritystandards.org. This portal is used to simplify specific steps within the PCI DSS process. To get started, there are up to 2 steps as defined below:
· Self-Assessment Questionnaire (SAQ) is an annual requirement. The SAQ is a validation tool for merchants who are not required to do on-site assessments for PCI DSS compliance. This questionnaire should be updated whenever you change how you handle cardholder data, and at least once per year.
· Security Scans may be required quarterly for any merchant processing cardholder data via an internet connection. Scans are performed on the external-facing IP address(es) to identify potential vulnerabilities. The scan will help you identify necessary steps to protect cardholders’ data.
For questions regarding the portal provided or regarding your PCI compliance program, please contact Century Business Solutions’ support team at: SUPPORT@CENTURYBIZSOLUTIONS.COM or call 888-500-7798.