PCI Compliance for Cards

Introduction

Trust between a buyer and seller is the most important step for the successful transaction between two parties. Cash has many disadvantages such as high cash handling charges, fraud, money laundering, etc. The trend is moving to cashless transactions. Smartwatches and Smartphones are replacing the wallet, with a simple tap of the device to a retail terminal. According to a 2017 report by Allied Market Research, the global mobile payments market may reach $3.4 billion by 2022, with a compound annual growth rate of 33.4% from 2016 to 2022.

Cashless transactions include use of debit and credit cards (“payment card”), and can be done any number of ways, including:

  • EFT (electronic funds transfer, which can be linked to a payment card) like PayPal, Zelle, Venmo, etc., and
  • Mobile Walletswhich allow you to add however many payment cards into your virtual “wallet” (ApplePay, Google Pay and Samsung Pay), etc.

For payment cards that are branded with one of the 5 payment brand logos (American Express, Discover, JCB, MasterCard, and Visa), there are strict security requirements which all entities that store, process, or transmit the payment account number (PAN) must comply with.  The Payment Card Industry Data Security Standard (PCI-DSS)is developed by the PCI Security Standards Council (PCI SSC), which is a global open body formed to develop, enhance, disseminate and assist with the understanding of security standards for payment account security.  All entities that store, process, or transmit the PAN must provide formal validation of compliance on an annual basis, and in some cases it is mandatory to have this validation performed by a Qualified Security Assessor (QSA) or Internal Security Assessor (ISA), both trained by the PCI SSC to do so.

How can we help you?

Contact us by submitting a business inquiry online or call us directly now.

From audits, remediation to ongoing maintenance, we'll ensure you remain secure.