PCI Compliance FAQs
What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI-DSS) is a set of rules designed to minimize theft and loss of sensitive credit card data. All member banks, merchants and service providers that handle or process credit card related transactions must be PCI certified as secure.
Who has to Comply?
Member Banks: Acquiring banks and card issuing banks
Merchants: All retail swipe, wireless, internet and MO/TO merchants
Service Providers: Internet gateways, shopping cart vendors and hosting companies
What are the certification levels and what do they mean?
All merchants and their service providers are required to comply with the PCI Data Security Standard in its entirety. There are five Self-Assessment Questionnaire (SAQ) validation categories, shown briefly in the table below. Use the table to gauge which SAQ applies to your organization, then review the detailed descriptions to ensure you meet all the requirements for that SAQ.
| SAQ Validation Type | Description | SAQ: V1.2 |
|---|---|---|
| 1 | Card-not-present (e-commerce or mail/telephone-order) merchants, all cardholder data functions outsourced. This would never apply to face-to-face merchants. | A |
| 2 | Imprint-only merchants with no electronic cardholder data storage | B |
| 3 | Stand-alone terminal merchants, no electronic cardholder data storage | B |
| 4 | Merchants with POS systems connected to the Internet, no electronic cardholder data storage | C |
| 5 | All other merchants (not included in Types 1-4 above) and all service providers defined by a payment brand as eligible to complete an SAQ. | D |
How does the PCI Compliance Service help me to get certified?
Depending on your SAQ Validation level, you may be required to have independent auditors validate your PCI-DSS compliance. These third parties are certified by the PCI board to conduct quarterly and annual PCI compliance scans on your behalf. In the event that you cannot meet PCI-DSS security standards, a PCI Compliance Service can quickly identify any breaches and provide recommended solutions to address the issue.
Who needs to complete the Self Assessment Questionnaire?
Starting in 2008, ALL merchants and service providers must complete the PCI SAQ on an annual basis.
I’m a small merchant who only takes a handful of cards. Do I still need PCI compliance?
PCI compliance is mandatory for every merchant that accepts credit cards in any form. In the event of a security breach, you could be personally fined $50 - $90 per stolen record! PCI compliance not only secures your customers’ data but also protects you from catastrophic losses.