PCI Compliant
What is PCI?
PCI stands for Payment Card Industry. The Payment Card Industry Data Security Standard (PCI-DSS) is a set of requirements created by Visa, MasterCard, AMEX, Discover and JCB to ensure that any and all merchants that process, transmit or store credit card information maintain a secure environment.
Does everyone who accepts credit cards need to be PCI Compliant?
Yes. Regardless of company size, number of transactions processed or anything else, every single merchant or company that has a Merchant ID (MID) needs to be PCI Compliant.
Since my merchant processor and my terminal are PCI Compliant, do I still need to do anything?
Yes. There are 3 parties that need to be PCI Compliant. The first is your merchant processing company or ISO. The second is the terminal that you use to actually process credit cards. The third is you, the merchant.
What is involved in becoming PCI Compliant?
There are different levels and classifications of merchants, determined by the number of transactions processed and by how you process credit cards. For the majority of merchants, all that is needed is to fill out a quick self-assessment survey. For merchants with more advanced Internet-connected POS terminals, a vulnerability scan may be required.
How long will I have to become PCI Compliant?
You will have 30 days from receipt of the PCI Compliance notice from your merchant processor.
What can happen if I don’t comply with the PCI requirements?
In addition to being charged a non-compliance fee by your processor, you may lose the ability to accept credit cards, and should you ever have a security breach, the PCI Council can fine you. These fines can start at $50,000 per incident.
How often will I have to comply with the PCI requirements?
For SAQ A and B merchants, you will have to fill out an SAQ annually. For SAQ C customers, you will need to fill out an SAQ annually, and also have a vulnerability scan performed quarterly.
Is there someone I can call if I have questions or need help with my PCI Compliance?
Yes, our PCI program provides full phone and email support to all merchants. Our PCI experts will be available to answer any and all questions you may have regarding PCI Compliance.
What if my business needs more help becoming PCI Compliant beyond what’s available on the phone?
We contract with The CISO Group, a leading provider of PCI Compliance and network security consulting services. Should your business require more than just the available phone support, The CISO Group has consultants worldwide that are available to assist you.