Being “PCI Compliant” means that a business is following all of the rules to keep business and client information safe while processing credit cards. Compliance with PCI standards is required of all companies that store, process, or transmit cardholder data and applies to all acceptance environments; including retail (face-to-face), mail/telephone order, and e-commerce.
What is PCI?
PCI-DSS is a set of technical and operational standards designed by the Payment Card Industry Security Standards Council to protect cardholder data. The Council is made up of Visa, Mastercard, Discover, American Express, and JCB.
Why is PCI
A typical data security breach costs a small business merchant between $25,000 – $50,000, but can be much higher depending on how many card numbers were compromised. Non-compliance makes a business vulnerable to fraudulent activity and data breaches.
92% of cardholder data breaches occur in small business locations. They aren’t the breaches we hear about on the news, but they are the most common. PCI-DSS compliance is mandated by the card associations. The standard is overseen by an independent council of the five major card brands: Visa, MasterCard, American Express, JCB, and Discover.
Who needs to
become PCI compliant?
If you accept credit cards as a method of payment for goods or services, you must comply with the PCI Data Security Standards.
How do I become
compliant with PCI-DSS?
We have teamed up with security companies, to provide you with a program to become PCI compliant. Register today to get certified.
If you’ve added Safe-T™ to your service with us, you’re taking advantage of additional data security tools to help protect your customers’ sensitive card information:
- Encryption: When you accept card payments, your customers’ card data must travel a number of places to complete the transaction. Encrypting that data helps protect the information it contains.
- Tokenization: Tokenization replaces cardholder data with non-sensitive information, or a token. This helps prevent data from being compromised, and also ensures that your business doesn’t store sensitive cardholder data.
In addition to simplifying the PCI DSS compliance process, you’re also eligible for up to $100,000 (Safe-T Silver) or $250,000 (Safe-T Gold) of financial reimbursement assistance depending on the Safe-T package you selected.
Safe-T for Small &
We protect your payment data so you can concentrate on running your business. Leverage our user friendly tools that will not interfere with your daily business.
Integrated security solutions that protect your brand while ensuring smooth, quick processing for all transaction types. We leverage technologies that protect your data at every point in the payment lifecycle.
As a consumer you probably worry about data breaches, like the one that resulted in 40 million card numbers being stolen from Target. Well, as a result of recent Mastercard and Visa changes now you need to worry as a business owner too. But if you have a chip card reader, you are protected! You might not have realized it, but October 1, 2015 was a big day for businesses across America. That was the day that businesses were expected to use chip readers instead of swiping, all in the name of beefed up security.
Credit card issuers like Mastercard and Visa transferred the fraud liability to any merchant that was not using a chip reader. This meant if you swiped a card and it was used fraudulently, you the merchant would be liable.
What is EMV?
EMV stands for “Europay, MasterCard and Visa.” EMV set out to create world-wide standardized protocols for “integrated circuit” cards and the hardware necessary to accept these cards. EMV are also known as chip cards. In 2005 chip cards became the status quo in the Europe, and in 2012 Canada joined. These chip cards are manufactured with a small integrated chip in the card. Payment data is read from this chip instead of from the magnetic stripe.
How does the
EMV payment terminal
protect against fraud?
The magnetic stripe on traditional credit and debit cards store unchanging data. Whoever accesses that data gains the sensitive card and cardholder information necessary to make purchases. That makes traditional cards prime targets for counterfeiters, who convert stolen card data to cash. Unlike magnetic stripe cards, the chip generates a unique cryptogram for every authorization, making it theoretically impossible to duplicate an approval code to commit fraud. If a hacker stole the chip information from one specific point of sale, typical card duplication would never work because the stolen transaction number created in that instance would not be usable again and the card would be declined.