The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements intended to ensure that ALL businesses, large and small, that process, store or transmit credit card information maintain a secure business environment for their credit card customers. Essentially, any seller that has a Merchant Identification (MID) is required to become PCI compliant.
The PCI Security Standards Council (PCI SSC) was established in the autumn of 2006 with the goal of improving payment account security throughout the credit card transaction process. The PCI program is managed and administered by an independent body created by the major credit card brands, including Visa, MasterCard, Amex, Discover and JCB.
The PCI standard now applies to all businesses, organisations and private merchants—regardless of company size or the number of transactions processed. All businesses that accept, transmit, or store any type of cardholder data are now required to be PCI compliant—a task that our leading web design company specialises in. Simply put, if any customer of a given business ever pays the merchant directly using a credit or debit card, then the PCI DSS standards now apply.
So how do you become PCI compliant if you are a small business? Most small to medium-sized businesses fall into the category of a Level 4 merchant—businesses processing fewer than 20,000 Visa e-commerce transactions per year and all other merchants—regardless of acceptance channel—processing up to one million Visa transactions per year. If you are a Level 4 merchant, there are a few steps you must take to satisfy the requirements for PCI Compliance.
- First, you must determine which Self-Assessment Questionnaire or “SAQ” (available on the PCI website) your business should use to validate compliance.
- Once you determine the proper SAQ, you must complete the form according to the provided instructions.
- The next step is to complete and obtain evidence of a “passing vulnerability scan.”
- Finally, you must submit evidence of a passing scan and complete and provide the relevant “Attestation of Compliance.”
For more detailed instructions on how to become PCI compliant, please contact WSI Digital Web today. Our many years of experience in the e-commerce field can help ensure your organisation’s compliance with this very important standard.