Here are some common questions about PCI Compliance from business owners.
What is PCI Compliance?
PCI compliance means compliance with PCI DSS, the “Payment Card Industry Data Security Standard.” PCI standards are a set of guidelines developed by the major players in the card industry to set forth security best practices for merchants and their customers.
Does PCI compliance apply for my business?
PCI compliance applies to any U.S. business or organization, of any size, that accepts credit or debit cards.
What do I have to do as a merchant to become PCI compliant?
Complete a once-a-year PCI self-assessment to identify and ensure that your business is following all of the standards and guidelines set forth in the PCI DSS compliance rules.
What procedures and policies do I need to adopt to be considered PCI compliant?
PCI compliance is mostly common-sense business practices. For example:
- Make sure your computers do not have viruses or malware on them that could capture cardholder information.
- Ensure your software providers are PCI compliant (and, yes, ClassJuggler is).
- Maintain an information security policy at your business.
How do I maintain an information security policy at my business?
For example:
- If you capture cardholder information on paper, set a policy and practice that the paper is either destroyed immediately after use or stored under lock and key.
- Ensure that you and your employees follow PCI policies when handling a customer’s card information to prevent that information from being compromised.
- Better yet, implement a policy whereby the majority of payments are managed directly by the customers themselves to reduce the amount of interaction with their information by you or your employees.
What are the penalties for not being PCI compliant?
- Possible increased transaction processing fees
- Monthly non-compliance penalty fees levied by your merchant provider
- Suspension or loss of your merchant account
- Penalties of $5,000 – $500,000, depending on the severity of the breach
As you can see, PCI compliance is very important, so make sure to maintain your compliance.
Does all this have you questioning whether or not offering credit cards is worth it? Check out this article that answers that very question: The Top 5 Benefits of Merchant Processing for Your Business.
Also, check out How to accept credit/debit cards in your business.