Saturday 1 September 2012

Is Your Online Store Following PCI Compliance Standards?

By Kate Bailey


We are in the midst of a 'shop online' trend explosion. Internet retailers are continuously reinventing how we, the customers, shop online. Whether it's via our mobile devices, PCs, or in-store kiosks, there is a myriad of new options for transacting business that carry both positive and negative implications for consumers and the retailers themselves. We need to know that our online stores are following the PCI compliance standards.

According to the Security Standards Council, there are 12 compliance requirements that meet a variety of security goals. These goals are: building and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures, and maintaining an information security policy. Here's your guide to the four different levels of compliance as mandated by the major payment card brands, Visa and Mastercard, as well as action items for each.

Why Should I Comply?

As a merchant, you are probably wondering why you need to comply with the PCI Security Standards. These strict guidelines seem like a lot of effort, especially to small organizations. However, payment card security is becoming increasingly important, and implementing precautionary measures could potentially save your business. Some of the reasons (as highlighted by the Compliance Council) why it would benefit you to comply with the Security Standards are: Compliance with the standards means that your systems are secure, and customers can trust you with their sensitive payment card information. Trust means your customers have confidence in doing business with you.

Level 3: Your company has 20,000 to 1 million Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor.

Level 4: You have fewer than 20,000 Visa and/or Mastercard e-commerce transactions processed per year. You must complete a Self-Assessment Questionnaire (SAQ) annually, and this level also requires a network scan with an approved scanning vendor.

Aside from escaping monetary losses, there are numerous advantages to keeping your business compliant. Improving organizational security will help fend off hackers so that you can rest assured that cardholders' information is safe from harm. This will help build up your customer base, as happy and confident shoppers turn into repeat customers. Your overall brand image will be positive, showing your company as a responsible and productive member of the market that not only adheres to but also promotes PCI compliance. Business partners and investors will become confident in your capabilities as a company, and you will sleep more soundly at night knowing that you are doing everything in your power to protect your firm.



