Archive for March 2011
Payment Card Industry (PCI) Compliance FAQ
What are the PCI Data security standards?
The Payment Card Industry (PCI) Data Security Standard was developed by Visa and MasterCard, with the purpose of creating a common set of industry requirements set for the maintenance and protection of cardholder’s account and transaction information. Endorsed by other providers such as American Express, Diner’s Club and Discover, the standard included the requirements of Visa’s Cardholder Information Security Program (CISP) and MasterCard’s Site Data Protection (SDP).
Who is required to meet the PCI data security standard?
All merchants are required to meet the PCI Data Security Standard. In addition, some of them are also tasked with validating the compliance of every merchant, regardless of size, volume, and acceptance channel.
The standard establishes four levels based primarily on the volume of transactions processed annually. The following provides selection criteria, requirements and deadlines by level. (from http://www.merchante-olutions.net/infosecurity/mandates.htm#Who)
Level 1
Selection Criteria:
- Any merchant—regardless of acceptance channel—processing over 6,000,000 Visa transactions per year.
- Any merchant that has suffered a hack or an attack that resulted in an account data compromise.
- Any merchant that Visa, at its sole discretion, determines should meet the Level 1 merchant requirements to minimize risk to the Visa system.
- Any merchant identified by any other payment card brand as