PCI compliance refers to meeting the requirements established by the Payment Card Industry Security Standards Council (PCI SSC), an alliance of the five major credit card companies — Visa®, MasterCard®, Discover®, American Express® and JCB International®. The PCI SSC established and enforces the PCI Data Security Standards (PCI DSS), which lays out for all merchants who process, store or transmit credit, debit or prepaid card information the steps to take to maintain a secure transaction environment.
As a leader in secure electronic payments, 1st US Merchant Services® supports and promotes PCI compliance. Our PCI program provides services that help merchants become and remain compliant, even as PCI DSS requirements change.
The 1st US Merchant Services PCI Program consists of several important and comprehensive components:
- Our online Self-Assessment Questionnaire (SAQ) is an intuitive and easy-to-use tool with picture-driven qualification steps that helps merchants easily determine their Validation Type. It is supplemented with expert help text and real-life examples.
- External scanning detects network vulnerability for merchants with external-facing IP addresses and finds holes in web-based applications. 1st US Merchant Services then issues easy-to-understand reports detailing the results and prioritizing vulnerabilities while offering hands-on assistance for remediation.
- A set of custom security policies, powered by the Unified Compliance Framework (UCF), and policy templates that are automatically generated based on how merchants process payment cards provide an individualized approach to compliance.
- On-demand security awareness training prepares merchants to handle sensitive information, satisfies PCI DSS requirements and eliminates the need to purchase a costly training program from a third-party provider.
It’s important to understand that while PCI compliance protects both merchants and cardholders, there is no law requiring it. However, PCI compliance is a contractual obligation between merchants and the five major card brands that comprise the PCI SSC, and noncompliant merchants who experience a data breach are subject to fines, expensive audits, other associated costs and, perhaps most significantly, a direct and potentially fatal hit to their business reputation.
PCI compliance is not an expensive proposition or one that requires a great deal of effort on the part of the merchant; it is a great investment in security and peace of mind. 1st US Merchant Services stands ready to instruct and support our merchants in that investment. For more information, visit Compliance101.com.