HOME 2017-04-28T16:03:27+00:00

Discover who needs to be PCI compliant, how to become compliant, and exactly which PCI standards apply to you. Find out all the important information!

What is PCI?

PCI stands for Payment Card Industry, and the term is used for the guidelines that apply to organizations that accept and process credit cards. The full name of the standard is Payment Card Industry Data Security Standard, or PCI DSS.

The Payment Card Industry Data Security Standard provides organizations that accept and process credit cards with suitable guidelines and a specific framework to protect cardholders' personal information. The organization behind PCI DSS is the Payment Card Industry Security Standard Council, which was built using the security regulations and programs of major credit card companies such as Visa and MasterCard.


There are six different categories of PCI DSS regulations

PCI DSS

These regulations, or PCI objectives, can help you determine whether or not your business is PCI compliant. The best way to do this is to check the PCI standards. Once you have looked at the standards and understood the meaning of the PCI regulations, you can start the process of becoming PCI compliant.

Here are the PCI standards that may apply to you:

  • Business – PCI Data Security Standards (PCI DSS)
  • Device Manufacturer – PIN Transaction Security (PTS) Requirements
  • Software Vendor – Payment Application Data Security Standard (PA-DSS)
  • Value Added Reseller – Qualified Integrator and Reseller (QIR) Program

Let’s see who needs to be PCI compliant.


The PCI DSS Applies to All Merchants or Service Providers That Process Credit Card Information.


Individuals and businesses alike are asking the same question – who needs to be PCI compliant? So, to avoid any confusion, we've decided to clear this up.

The answer is EVERYONE! Whether your company employs 10 or 1000 individuals, or whether your business processes 500 or 500,000 credit or debit card transactions per year, all vendors who accept credit cards as a method of payment are required to have a PCI certificate and be PCI compliant.

For vendors, the Payment Card Industry Security Standard Council has designed validation tools in the form of SAQs, or Self-Assessment Questionnaires. There are 4 SAQs available: A, B, C, and D. They are designed with one thing in mind – to meet the needs of various business types and various business processing methods. For example, they are designed to meet the needs of a restaurant as well as an e-commerce business. A lot of vendors are wondering how they should choose a specific SAQ.

Here is one example: if a vendor allows credit card payments via the website and then keeps the credit card data for future purchases, this vendor will be required to use the fourth SAQ, SAQ D – which is also known as SAQ for a long term. This is because the vendor, in this case, will handle, process, and store the credit card data. SAQ D involves 250 controls and demands the greatest amount of energy, time, and money.

If the vendor allows credit card payments via the website and doesn't keep the credit card information, this vendor qualifies for the first SAQ, or SAQ A – the shortest of all four SAQs. It involves around 20 controls and requires minimum energy, time, and money.

Like vendors, any organization that processes credit card information on behalf of the vendor is required to be PCI compliant. All vendors are required to ensure their provider has a PCI certificate and is PCI compliant. You can check the list of global PCI service providers on the official Visa website.
