In short, the Payment Card Industry Data Security Standard (PCI DSS) is a standard created to help make online payments more secure and ultimately reduce the risk of card fraud. It does this through strict requirements around the transmission, processing and storage of credit card information.
How did PCI come about?
Payment security has adapted over time to help protect people when they pay online. It started with VISA, which became the first card authority to develop security standards when it created the Cardholder Information Security Program (CISP) in 1999, aimed at companies carrying out online transactions.
Ever since the introduction of CISP, card authorities have been looking to develop new advice and regulations for online retailers handling credit card information, and this eventually led to the introduction of the PCI DSS in 2004. This was a historic event, as it brought together VISA, MasterCard, American Express, Discover and JCB.
Does PCI Compliance affect me?
PCI Compliance is an important factor for any business to consider. Effectively, no matter what channel or method you use to take payments, if a credit card is involved there are requirements that need to be considered and met.
There are 4 levels of PCI Compliance, and what is required will vary depending on how your business operates: it could be anything from an annual Compliance report through to the use of PCI specialists to regularly monitor and help secure your business.
Are there any risks of being non-compliant?
The long and short of it is that if you are handling, taking or storing credit card data whilst being non-compliant, you run the risk of fines and of potentially losing the ability to take credit card payments going forward.
Am I safe if my business is PCI Compliant?
Unfortunately, it's not just about being PCI Compliant: your business can still be breached. That is why it is so important to be proactive with security measures, and not only on your website. For this reason, carrying out regular checks both online and offline using PCI professionals is the safest way for your business to keep customers' credit card information secure.
If you take one thing from this, it's that PCI DSS needs to be a serious consideration to make sure that you protect not just your business but also your clients from possible breaches or threats to their credit card data. Daunting, I know, but please do contact us so we can work with you to make your website more secure and PCI DSS Compliant.