PCI DSS. As a credit card-accepting merchant, it’s likely that you’ve seen those letters before, but just what do they stand for, and how do they affect your business? PCI DSS (also referred to as just PCI) is an acronym for the Payment Card Industry Data Security Standard, which is a set of essential minimum requirements that every merchant and/or service provider must meet protect the cardholder data of their customers. There are five major credit card companies in the world – MasterCard, Visa, Discover, American Express and JCB – and together they formed the PCI Security Standard Council, which oversees these PCI DSS standards. The standards were put in place to as a proactive approach to securely protect cardholder data for both online and card-present transactions, and minimize merchant financial loss. All merchants that store, process and transmit cardholder data, regardless of size, must comply with the strictly enforced standards to ensure cardholder data is secure and safe.
While it may sound rather intimidating, once you know more about what PCI DSS is and what you need to do to be compliant, it’s really not difficult at all, and it can actually be a boost for your business and your customers. However, if you don’t keep up with PCI compliance, any number of disciplinary actions may be taken against your organization: you can be fined, you may pay higher processing fees, your card acceptance agreement could be terminated, and other repercussions associated with not providing the validation to your acquirer. But don’t let that scare you – the benefits of PCI compliance make it well worth the time and effort. This page on the myPCI website explains in greater detail what PCI DSS compliance is and outlines the twelve requirements for merchants. There are also some helpful links at the bottom of the page for additional information about PCI compliance.
North American Bancard (NAB) works with ComplianceMaker, which helps make the compliance process fast and easy, allowing you to spend more time running your business. ComplianceMaker is an automated, web-based validation process that helps you become compliant and maintain compliance with PCI DSS. It takes much of the guesswork out of compliance, generating all the documentation you need, including a PCI Certificate of Completion after you have successfully completed the compliance assessment, as well as a custom remediation plan, should any issues that prevent compliance certification be discovered during the process. ComplianceMaker also has ongoing support, so if you have questions at any point in the compliance process, don’t hesitate to reach out. We want you to succeed in attaining your PCI DSS compliance, for your business’ sake as well as your customers’ – compliance makes everyone’s card data safer, on both sides of the POS terminal.