If you are a merchant then one of the things that you might find yourself asking is "What is PCI compliance?" First you must understand what PCI is. PCI is the acronym for Payment Card Industry. Payment Card Industry is basically like saying the top five companies that are known for their payment card processing. These five companies are American Express, Discover, Japanese Credit Bureau, Mastercard, and Visa. They are known for their logos and their logos are actually accepted around the globe in many different places.
The cards can actually be issued by one of these companies or by a bank that has a contract with one of these companies. Now the companies will also make deals with some merchants and even some online merchants in order to make sure that they accept their card and their logo. Keep in mind that there is always going to be a PCI compliance deadline to consider. As a merchant when you accept credit cards then you are required to operate under certain PCI compliance requirements. All of these will be outlines in your merchant agreement that you signed when you started accepting credit cards.
Level 3: Your company has 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor. Level 4: You have less than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. Must complete a Self-Assessment Questionnaire (SAQ) annually, and requires a network scan with an approved scanning vendor.
Following PCI DSS will give you guidelines to protect your own data. Moreover, by merging your own security measures with the measures to satisfy PCI data security standards compliance, the PCI DSS fulfillment will become just an incremental burden, much easier to implement. You may not have a choice in following the PCI standards. No matter how you slice it, PCI is a monopoly of sorts. If you are found non-compliant, and unable to process credit card, debit cards with one of the five logos, you may not be able to process many online transactions at all. Yes, there is PayPal, eJunkie, and other online processors, but they usually operate in very specialized markets, and do not have as broad a reach as Visa and Mastercard.
They may also charge you higher fees. On the other hand, if you continue to process transactions through Visa and Mastercard when non PCI compliant, and avoiding a PCI audit, you may face steep fees and penalties, especially in the case of the breach and compromise of cardholder information. Don't take PCI compliance lightly, it is really important.
The cards can actually be issued by one of these companies or by a bank that has a contract with one of these companies. Now the companies will also make deals with some merchants and even some online merchants in order to make sure that they accept their card and their logo. Keep in mind that there is always going to be a PCI compliance deadline to consider. As a merchant when you accept credit cards then you are required to operate under certain PCI compliance requirements. All of these will be outlines in your merchant agreement that you signed when you started accepting credit cards.
Level 3: Your company has 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor. Level 4: You have less than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. Must complete a Self-Assessment Questionnaire (SAQ) annually, and requires a network scan with an approved scanning vendor.
Following PCI DSS will give you guidelines to protect your own data. Moreover, by merging your own security measures with the measures to satisfy PCI data security standards compliance, the PCI DSS fulfillment will become just an incremental burden, much easier to implement. You may not have a choice in following the PCI standards. No matter how you slice it, PCI is a monopoly of sorts. If you are found non-compliant, and unable to process credit card, debit cards with one of the five logos, you may not be able to process many online transactions at all. Yes, there is PayPal, eJunkie, and other online processors, but they usually operate in very specialized markets, and do not have as broad a reach as Visa and Mastercard.
They may also charge you higher fees. On the other hand, if you continue to process transactions through Visa and Mastercard when non PCI compliant, and avoiding a PCI audit, you may face steep fees and penalties, especially in the case of the breach and compromise of cardholder information. Don't take PCI compliance lightly, it is really important.
About the Author:
Want to find out more about PCI Compliance Standards, then visit Karen Carter's site on how to learn more about PCI Compliance for your needs.
0 comments:
Post a Comment