Additional Resources

The PCI DSS standards will continue to develop and change in the months and years to come. While they may seem complex, the fundamental steps are fairly straightforward if you take the time to understand and incorporate them into your standard business practices.

No Need to Go It Alone

The process of validation can be difficult and confusing. As part of our Compliance Program, we have partnered with Trustwave, one of the most trusted names in compliance, so you have access to their services at a discounted price if you should need them.

Checklist: Step Two

Verify Secure Handling of Cardholder Data

Regardless of your card payment solution, whether a simple countertop, standalone terminal or a sophisticated POS system, you are required to comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements.

You may have thought that PCI DSS applies primarily to e-commerce merchants or card-not-present situations, but the reality is that these requirements apply to everyone who handles credit card data. According to the PCI Council, each company processing, storing or transmitting payment card data must be PCI DSS compliant or risk losing its ability to process credit card payments.

A card data breach can impact your business financially through association fines and other legal costs. In addition, there is a significant risk to your reputation if customer data is compromised. Many data breaches involve common business transactions where card data, written down or recorded, was stored too long or in an insecure manner, or was simply mishandled. The PCI DSS is a set of best practices that helps your business avoid common pitfalls that can lead to a data breach.

Steps to Achieve Compliance with PCI DSS

  1. Educate yourself on the relevant compliance regulations (see the Additional Resources section on this page).
  2. Complete the Self-Assessment Questionnaire (SAQ) appropriate for your type of business, annually.
  3. You may be required to complete and document a scan of your network every quarter. Completing the SAQ will help determine if you fall into this category.

Through our Compliance Program, we are pleased to provide you with the information, tools and resources needed to verify if your business is PCI DSS compliant, and with a Reimbursement Program to assist you in the unlikely event of a cardholder data breach.

Continue on to learn about validating your compliance by completing the Self-Assessment Questionnaire.