What is PCI DSS?

The Payment Card Industry Data Security Standard (PCI DSS) is an industry-wide compliance requirement for anyone who stores, processes, or transmits payment card data (such as accepting credit card payments). PCI DSS was created in collaboration with the card brands: American Express, Discover, JCB, MasterCard, and Visa. The requirements are designed to reduce payment card compromises and data theft by helping you secure your sensitive information and reduce your risk of attack.

What are my requirements?

The payment brands and your merchant bank require all merchants who store, process, or transmit payment card data to be PCI DSS compliant. PCI DSS has two requirements:

  1. An annual Self-Assessment Questionnaire (SAQ), which asks if you are taking the proper precautions to protect your payment card data.
  2. Quarterly security scans (if using an internet protocol for authorizations) of your computer systems that are connected to the Internet, which look for weaknesses that an attacker might use to access computer systems. These scans must be conducted by a PCI-certified Approved Scanning Vendor (ASV).

Failure to comply with PCI DSS can result in risk of a data breach, fines, and the loss of your ability to accept payment cards.

To complete your compliance questionnaire and security scan, log in to your interactive compliance portal: click here.

For more information on the Payment Card Industry Data Security Standard, click here.
