PCI DSS regulations are enforced by credit card associations like Visa, MasterCard and American Express. To promote the security of the credit and debit card payment systems, the major card brands established the Payment Card Industry Council (PCI) to oversee its Data Security Standards. The PCI Security Standards Council developed PCI DSS to increase data security in credit card payment processing. The PCI DSS applies to all organizations that transmit, process, or store credit card data. The purpose of PCI Security Compliance is to institute requirements to protect sensitive information that is being stored electronically.
Merchants of all sizes must ensure that cardholder data is protected from a security breach. A typical breach costs a small business merchant $25,000 – $50,000, but can run much higher depending on the number of cards compromised. To protect cardholder data and mitigate financial exposure, it is imperative that all merchants validate and demonstrate PCI DSS compliance.
PCI DSS Requirements
Below are the 12 principal requirements of PCI DSS.
In the event that your business experiences a data breach, Elavon may be contacted by the involved payment networks. We will then contact you, communicate the extent of exposure from the attack and assist you through the necessary steps to protect your business. We’ll put you in touch with Qualified Forensic Investigators who will conduct a thorough examination of your payment environment to identify the systems and/or processes that resulted in the security breach and recommend additional steps you should take to protect your business and your reputation.
As a part of Elavon’s compliance program, certain payment network fines, fees, and assessments associated with each compromise incident will be retained by Elavon and may not be passed on to you, depending on your level of available coverage. Elavon will also reimburse you for the incurred costs of a comprehensive forensic audit performed by a QSA up to your level of available coverage.
Following are some helpful guidelines to help you protect your confidential customer information and your business.
Keep cardholder information storage to a minimum and never store the information contained in a credit or debit card’s magnetic stripe. If you don’t need it, don’t store it.