What Is PCI Compliance & How Does It Work?

Posted February 2, 2017

In Credit Card Machines, Credit Card Processing

All credit card companies and card-accepting merchants are required to maintain strict compliance with what are known as the Payment Card Industry Data Security Standards (PCI Compliance/PCI DSS). These standards exist to ensure that all cardholder information and credit card data is kept private, as well as that all relevant data is stored securely to prevent data breaches and credit card fraud.

Why Is Merchant PCI Compliance Important?

Over the last few decades, money has switched all but completely from physical paper bills and coins to more technologically advanced methods of payment. Today, the majority of transactions are carried out through the electronic exchange of credit and debit card data. Now, financial crimes are less about bank robberies and muggings, and more about data breaches and fraud.

Under the stringent requirements of PCI DDS, companies are expected to keep their customers from having their personal data stolen and becoming the victims of serious crimes like identity theft. Failure to comply with these standards means that a company’s customers are at a greater risk of exposure.

Get Started Today!

Data breaches involving major retailers like Target and Neiman Marcus in the last few years have brought PCI compliance back into the spotlight and to the forefront of consumers’ minds. Such incidents have shown not only the importance of PCI compliance but, also, the importance of keeping PCI standards up to date, continually working to close any gaps that may occur.¹

The Goals and Standards of PCI Compliance

There are 12 primary compliance requirements for PCI DSS that fall under six categories:²

1. Create and maintain a secure network.

Cardholder data must be protected behind a properly installed and maintained firewall.
Default system passwords and other vendor-supplied security parameters must not be used.

2. Protect cardholder data.

All stored cardholder data must be appropriately protected.
Cardholder data must be encrypted if it is to be transmitted via open, public networks.

3. Provide and maintain vulnerability management program.

Use regularly updated antivirus software.
Make sure that all systems and applications are secure and well-maintained.

4. Utilize strong access control measures.

Keep access to cardholder data restricted (on a business need-to-know basis).
Assign unique ID numbers/values to all individuals with access to computer systems.
Physically restrict access to cardholder data, in addition to the restricted network access.

5. Monitor and test networks on a regular basis.

Monitor and track all access to cardholder data and other network resources
Test security systems and processes at regularly-scheduled intervals.

6. Maintain an information security policy.

Keep a strict overall policy regarding information security.

Get Started Today!

Get Secure, PCI Compliant Credit Card Processing Solutions from Leap Payments

At Leap Payments, the security and privacy of your customers’ private card information are of the utmost importance to us. Our business is 100% PCI DDS compliant, with a strong focus on providing top-notch network security, efficient merchant services, and the best rates for credit card processing.

To learn more about how Leap Payments can work for you and your customers, contact our friendly staff today at (800) 993-6300.

Sources

Save time shopping around for the best merchant service provider!

Call Leap Payments at (800) 993-6300 Today!

No Contracts Required, The Lowest Rates, No Hidden Fees, and Much More!

credit card processing, PCI Compliance

Logan McAuliffe

Merchant service expert, Logan McAuliffe, is a marketing writer for Leap Payments. His interests include playing sports, music and graphic design. Leap Payments is the industry leader in credit card processing and merchant services, offering both high-risk and traditional solutions.