PCI Compliance Explained


PCI Compliance or PCI DSS… most merchants have heard these terms, but many of them aren’t exactly sure what these important acronyms actually mean. (PCI stands for “Payment Card Industry” and DSS stands for “Data Security Standard” by the way). So, we’ve decided to provide you with a quick overview in today’s blog post. PCI Compliance refers to the security guidelines mandated by law for businesses that accept credit cards to safeguard sensitive cardholder data. In today’s increasingly digital world, there are a lot of data and identity thieves out there. That’s why, in order to protect your customers, and protect yourself from liability, it is imperative that we all do our part to follow these very important guidelines.


PCI compliance isn’t just a good idea, it’s the law. At North American Bancard, we embrace this reality 100%. That’s why we are committed to ensuring that all our merchants, our equipment and our agents remain PCI compliant at all times. In fact, we have made significant investments to protect both our merchants and their customers from online data breaches. To that end, we update our terminal software continuously to remedy any compliance issues that may arise. We also have a dedicated team of highly trained and experienced professionals available day and night to help resolve PCI compliance issues.


When you partner with North American Bancard, you can rest assured that we will do everything possible to ensure PCI compliance on our end. It is only by working together, however, that we can win the battle against credit card fraud. That’s why we need you to remain vigilant as well. No matter what size your business, or how many transactions you process, there are twelve basic requirements that all merchants must adhere to in order to be considered PCI Compliant. They are as follows:

Requirement 1: Install and maintain a firewall configuration to protect cardholder data via a secure network.
Requirement 2: Change vendor-supplied defaults for system passwords and other security parameters.
Requirement 3: Protect stored cardholder data.
Requirement 4: Encrypt transmission of cardholder data across open, public networks.
Requirement 5: Maintain a vulnerability management program by using and regularly updating anti-virus software.
Requirement 6: Develop and maintain secure systems and applications.
Requirement 7: Restrict access to cardholder data by business need-to-know.
Requirement 8: Assign a unique ID to each person with computer access.
Requirement 9: Restrict physical access to cardholder data.
Requirement 10: Track and monitor all access to network resources and cardholder data.
Requirement 11: Regularly test security systems and processes.
Requirement 12: Maintain a policy that addresses information security.

For more details about these important requirements, you can visit NAB’s dedicated PCI Compliance site at www.mypcicom. We thank you in advance for doing your part to protect yourself and your customers from data piracy.