PCI Compliance – the Acronym that Doesn’t Get Much Respect

Acronyms are often thrown around the office like softballs. But when you hear the words “PCI Compliance” you probably will want to pay attention – especially if you want to stay in business.

What you don’t know can hurt you
PCI Compliance, or Payment Card Industry Compliance, is a set of unified rules and guidelines created by the PCI Security Standards Council (PCI SSC) and enforced by the credit card brands (Visa, MasterCard, American Express, Discover and JCB). These are not “laws” but rather rules enforced by the credit card brands to protect cardholder data. Violations of these PCI rules and guidelines could result in potentially catastrophic fines that could cripple your company and brand. Additionally, you may be suspended from accepting credit cards, which is equally disastrous.
The PCI standard has 12 sections and 5 levels that determine the specific steps a business must take to ensure protection. There are understandably different requirements for a small business vs. a large chain restaurant or an internet retailer vs. a small retail chain. Specific requirements for each card brand may be found below.
• American Express: www.americanexpress.com/datasecurity
• Discover Financial Services: http://www.discovernetwork.com/merchants/fraud-protection
• JCB International: http://www.jcb-global.com/english/pci/index.html
• MasterCard Worldwide: http://www.mastercard.com/sdp
• Visa Inc: http://www.visa.com/cisp
• Visa Europe: http://www.visaeurope.com/ais

Are you vulnerable?
Depending on your classification level, an on-site assessment and a scan of your network and systems may be necessary. Smaller merchants need only complete an SAQ (Self-Assessment Questionnaire), which will alert you to potential vulnerabilities and guide you to the steps that must be taken. Oftentimes, this questionnaire must be turned in to your credit card processor or bank as validation that you are PCI Compliant.

Bottom Line: If your business accepts credit cards, PCI Compliance applies to you and must be taken seriously. If you’re lost, confused, or just don’t understand – your credit card processor can help you with the process. It is in their best interest for you to continue accepting credit cards. Speak to them and ask for guidance, even if you have to politely remind them that YOU pay them.

“Plastic” has largely replaced Jacksons, Benjamins and Washingtons. Which is why it’s as important as ever to protect your business and your brand by being PCI Compliant. For more information, go to www.pcisecuritystandards.org.

Tyler

Tyler Barron is an Applications Consultant with a retail business background at ITK Solutions Group. ITK Solutions Group is a retail-focused consulting firm specializing in enterprise resource planning (ERP) solutions.

5 comments

  1. David Curtis says:

    Tyler,
    Very good overview of the PCI Compliance issue. Another great resource for information is the PCI Security Council website: https://www.pcisecuritystandards.org/index.php

    This is the organization founded by the major credit card networks to develop all the PCI standards. There is a lot of good information and resources available on the site.

    • Geraldine says:

      People normally pay me for this and you are giving it away!

    • Dizz says:

      I use Discover for business and Chase for personal. Here is why: Discover has had a long tradition of being different. When the Discover card was first introduced there was no annual fee; that may not seem like a big deal, but back in the day it absolutely was. Discover credit cards also offer cash back rewards. For a business using Discover for their corporate credit cards this is a big advantage: you get cash back for spending. And the best part about using these particular corporate credit cards is that the cash back rewards are targeted at specific purchases that you will make as a business, such as gas, travel and office supplies. The current standard APR on Discover corporate credit cards is 13.99%. There is also a 0% APR introductory offer. Remember these cards come with a grace period of at least 25 days when you pay the balance in full each month. This means you can run your business interest free on Discover’s money in 25 day cycles. A lot of the others have shorter grace periods, something most consumers don’t think to check up on.

    • Victor says:

      The average is 3% for most credit cards. Plus they charge you much higher interest rates if you don’t pay off your balance in full, usually in the 24-30% range for cash advances.

  2. Indy says:

    Knocked my socks off with knowledge!