Payment Card Industry regulations apply to every company that collects, transmits, processes or stores cardholder information — no matter how many transactions you process or how small your business. This includes retail point-of-sale services, e-commerce and mail/phone order. And the cardholder may be a consumer or another business that makes a payment via credit card.
Your responsibility to maintain PCI compliance is part of the privilege of accepting credit or payment cards. The only way to reduce the burden of PCI compliance is to transfer the risk in part or entirely to someone else.
And that’s where we can help.
The PCI Data Security Standard is not a formal law decreed by any legislative government. It’s a global policy developed by the private regulatory body known as the Payment Card Industry Security Standards Council. The major payment brands of American Express, Discover, MasterCard, Visa, and JCB formed the council in 2004.
PCI SSC developed the Data Security Standard, a detailed and comprehensive standard that acts as a common set of minimum security requirements all merchants and service providers that handle sensitive credit card data must implement. The payment brands themselves enforce the security standard for the merchants and service providers that accept their forms of payment.
If your company stores, processes or transmits any of the information recorded on a credit or debit card, then you must abide by the PCI DSS or face:
Your No. 1 responsibility in this regard is to protect the cardholder data under your control. This could be at the POS, as it flows into the payment system or in a database of stored information (which is definitely not recommended). Compliance with the PCI standard includes protecting:
Get a copy of the full PCI DSS 3.0 requirements at https://www.pcisecuritystandards.org/security_standards/index.php.
Credit card tokenization is the process of removing credit card data from your internal network and servers — and replacing it with a unique, generated placeholder, or “token.” Tokenization helps companies that accept, transmit, process or store customer credit card data in any way to comply with the 12 current PCI DSS requirements.
Outsourcing with 3DSI also means that we handle updates to ensure compliance with continually changing PCI standards. And since 3DSI’s core business is securing payments, we are continuously improving our tokenization processing technology.
And this allows you to focus on your core business and customer satisfaction.