The PCI Standard is a regulation created by payment card companies (Visa and MasterCard) and enforceable under contractual obligations with these credit card companies. Members and merchants agree to abide by these standards under the terms of their contracts with payment card companies. The Payment Card Industry Standard outlines the security requirements for transmitting, storing, accessing, or processing cardholder data.
Non-compliant companies who maintain a relationship with one or more of the card brands, either directly or through an acquirer, risk losing their ability to process credit card payments and being audited and/or fined per incident if there is a compromise on their network resulting in the loss or theft of cardholder information, and the network
PCI compliance is one of the hottest topics in the industry and will continue to affect acquiring banks, Independent Sales Organizations (ISOs), processors, shopping carts, e-commerce and retail merchants, and other merchant services providers. According to the 2009 Data Breach Investigation Report (DBIR), there were 285 million data records stolen (or breached) in 2008, of which 64 percent were done by hackers and 38 percent were due to malware (malicious software). Of the victims that were affected by a breach, 81 percent were not PCI compliant. These numbers represent more than the previous four years combined. E-commerce merchants are strongly encouraged to show proof of their compliance on their web-sites due to the nature of processing credit card transactions via the Internet.
The PCI Security Standards Council's mission and Velocity Processing's priority is to enhance payment account data security by driving education and awareness of the PCI Security Standards.
For further reading on PCI Compliance please see:
www.pciSecurityStandards.org
Copyright © 2011 Velocity Processing LLC All rights reserved.