PCI Compliance

If you’ve ever handled payment cards, you’ve probably heard of PCI, PCI security standards, and the term “PCI compliance.” You’ve probably also seen the name (as PCI or PCI DSS) on your statement as a type of transaction fee or a monthly or annual fee.

According to PCI’s website, they are a “global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.” In 2006, American Express, Discover, JCB (a Japanese credit card issuer), MasterCard, and Visa (the “Big Five”) got together and formed this organization: The Payment Card Industry Security Standards Council (PCI-ISS).

We have a great post on our blog that explains PCI in its entirety in layman’s terms (actually divided into Part 1 and Part 2).

When you choose EPS as your merchant services provider, we will help you ensure you’re in compliance with PCI security standards, which consist of twelve specific security requirements, all designed to protect cardholder information.

Quick Facts About PCI and You

  1. If you accept credit or debit cards, or you store, process, or transmit payment card data, you are required to be PCI compliant. While the requirements do change depending on the size of your organization, no one and no company is exempt from this requirement.
  2. You’re required to provide an annual PCI audit. (We’ll help.)
  3. If your customer cardholder information is fraudulently obtained, whether by online hackers or by a break-in to your back room, a security breach has occurred and you could be liable – and that liability could put you out of business.

Get These Documents from PCI-ISS and EPS

Guide to Safe Payments
Small Merchant Common Payment Systems
Vendor Questions
Glossary of Security Terms