
PCI Compliance & Why You Need to be Compliant


Getting paid is just as important as PCI compliance. Businesses of all sizes rely on cash flow to manage their operations effectively. To ensure clients pay you in a timely manner, it is important to offer them payment options, and one of the most convenient is the credit card.

If your business accepts credit card payments, then you need to understand PCI compliance and its importance, how to become PCI compliant and the repercussions of failing to do so.

What is PCI Compliance?

PCI stands for Payment Card Industry. The PCI Security Standards Council implemented a strict set of security standards created to protect consumers' credit card information before and after a transaction with any business that accepts credit cards as a form of payment.

The main objective of PCI compliance is to protect credit cardholder data and prevent a data breach or fraudulent activity. Here is what you need to know:

  • PCI compliance is required by all credit card brands: Visa, MasterCard, American Express, Discover Network and JCB
  • PCI compliance also includes debit cards, gift cards, and prepaid cards
  • It applies to all online and offline credit card transactions
  • It applies to employee procedures for handling cardholder data

PCI compliance also applies to hard copies of customer data. Therefore, if hard copies of a customer's credit card information are kept, they must be secured in a locked filing cabinet, in the same way that online cardholder data must be password protected on a secured server.


Getting PCI Compliant Is Required

Perhaps the most important thing to understand about PCI compliance is that whether you are a single person operation, have an online store, or are a large company, if you accept credit card payments, you are required to follow compliance regulations.

Failure to follow PCI compliance can result in a fine of $5,000 up to $500,000 levied by banks and credit card companies, a fine that could put your business in jeopardy and risk its financial future. You may be required to pay monthly fines until your compliance issues are cleared up.

You could also make yourself a target for data breaches and lose the trust of your customers. Additionally, you could lose the right to accept credit cards as a form of payment, another issue that could impact business operations.
