Merchants like you have important data security responsibilities. If you process, store, or transmit cardholder data, you must comply with the Payment Card Industry Data Security Standard (PCI DSS). If you do not comply, you could lose your ability to offer these services.
With PCI DSS compliance, there is no arguing the facts. It is your responsibility to achieve it, maintain it, and validate it.
Not sure how to comply and validate your compliance? We can help.
The PCI DSS is an evolving framework designed to protect cardholder data. This multi-faceted security standard outlines the minimum requirements that must be in place to:
- Build and maintain a secure network
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Maintain an information security policy
As a merchant accepting card payments, you must comply with the PCI DSS at all times and validate your compliance annually. Validation requirements will vary depending on your PCI Validation level, but typically include:
- Annual Self Assessment Questionnaire or Annual On-Site Assessment
- Quarterly Vulnerability Scans
Visit the PCI Security Standards Council for more information.
FAQ content 3