The Payment Card Industry requires banks, online merchants and Member Service Providers to protect cardholder information by adhering to a set of security standards. There are specific requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. If you accept credit cards you are required to become PCI compliant
What is PCI compliance?
Have you taken these steps to be PCI compliant?
ØHave you installed and maintained a firewall configuration to protect cardholder data? ØHave you changed your vendor-supplied default passwords? ØDo you protect stored cardholder data? ØDo you regular updates on your anti-virus software? ØHave you assigned everyone with computer access a unique ID?
These are just a few of many PCI requirements. If you answered “NO” to one or all of these or you don’t know what they mean, you are not PCI compliant!
First step in becoming PCI compliant depending on your storeenvironment:
If you are using external Dial-Up credit card terminals
As of today this is the only PCI compliant solution and it only requires you to take an Annual Self-Assessment Questionnaire. (SAQ)
If you are using high speed integrated credit cards (you swipe credit cards on your POS terminal or stand-alone high speed credit card terminals)
You are required to take an Annual Self-Assessment Questionnaire. (SAQ) You are also required to perform Quarterly Networks Scans from a Certified Network Scanning Company.
Install a PCI compliant hardware appliance. This device will completely segregate the internet from the POS/Credit Card network traffic, monitor all activity going across the network and be able to provide logging capabilities.
Who do I call to take my Annual SAQ and Quarterly Network Scans?
For First Data users call PCI Rapid Comply at 1-877-437-8666 or on-line at www.cloversecurity.com For non-First Data users call Security Metrics at 1-800-557-4684 or on-line at www.SecurityMetrics.com
Looking for a solution for a managed external firewall appliance, which also includes a PCI compliant Hot Spot?
EMV - stands for Europay, MasterCard and Visa, a global standard for inter-operation of integrated circuit cards (IC cards or "chip cards") and IC card capable point of sale (POS) terminals and automated teller machines (ATMs), for authenticating credit and debit card transactions.
