What are the PCI SSC and PCI DSS?
The Payment Card Industry Security Standards Council (PCI SSC) founding members, along with the major credit card companies such as American Express, Discover, JCB International, MasterCard and Visa Inc., have agreed to incorporate the Payment Card Industry Data Security Standard (PCI DSS) as part of the technical requirements for each of their data security compliance programs.
Do the PCI standards apply to my organization?
PCI Security Standards are technical and operational requirements put together by the PCI SSC to protect cardholder data. The standards apply to all entities that store, process or transmit cardholder data, with additional requirements for software developers, and manufacturers of applications and devices used in those transactions.
When accepting a customer payment for your goods or services, you must be sure that, your company is not exposed to a security breach, and that your business is processing your customer’s payment details securely. Keeping payment information secure and protected from any malicious activities is of utmost importance.
More than 868 million records with sensitive information have been breached between January 2005 and June 2014, according to PrivacyRights.org
The founding members of the PCI Security Standards Council (American Express, Discover, JCB, MasterCard, and Visa) continually monitor occurrences of account data compromise. These compromises cover the full spectrum of organizations, from very small to very large merchants and service providers.
A security breach and subsequent compromise of payment card data has far-reaching consequences for affected organizations, including:
1. Regulatory notification requirements,
2. Loss of reputation,
3. Loss of customers,
4. Potential financial liabilities (for example, regulatory and other fees and fines), and
If you have any questions on the level of PCI DSS you need to be certified for, or how to progress with the requirements and, ultimately, become certified on a yearly basis, please contact us for more details.