With the high-profile attacks on Target and Neiman Marcus, and other recent breaches, we think it's a good time to talk a little about PCI compliance and why it's important to merchants. Here are some FAQs.
So what is PCI Compliance?
PCI Compliance is defined by the PCI Security Standards Council as “In security terms, it means that your business adheres to the PCI DSS requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. In operational terms, it means that you are playing your role to make sure your customers' payment card data is being kept safe throughout every transaction, and that they – and you – can have confidence that they're protected against the pain and cost of data breaches.” To view the PCI SSC website, click here.
Who needs to be compliant?
Anyone who accepts payment cards, online or offline, needs to be compliant.
Who is responsible if cardholder data is stolen from your company?
YOU ARE! And the results could be fines and penalties, termination of the right to accept credit cards, lawsuits and the loss of your customers' trust. According to Reuters.com, the recent Target credit card data breach has cost Target $61 million. Analysts believe this number will continue to grow, with some even saying up to $1 billion. To view the article, click here.
Who enforces PCI Compliance?
PCI Compliance requirements are set by the PCI Security Standards Council (PCI SSC), but the Payment Card Brands are responsible for enforcing the standards.
So what do you need to do and when?
The time to act is NOW! You should contact your Payment Card Brands to find out their process for becoming PCI Compliant, or you can start with the PCI Security Standards Council's Getting Started Guide.
Contact your host and verify that your hosting environment and facility are PCI Compliant. If not, move your hosting to a PCI Compliant hosting environment.
How can Web 2 Market help me?
All our hosting and coding is PCI Compliant. We believe that security is a non-negotiable. We'd rather not have a client than cut corners and put the client at risk. If you're a Web 2 Market client, you can rest knowing that we're working hard to protect your data and your reputation.
Please see www.pcisecuritystandards.org for more information on PCI compliance.
For help with these or any other e-Commerce topics, please contact us at:
AbleCommerce Website: www.web2market.com