All retailers and merchants strive to be PCI (News - Alert) compliant, yet how do organizations cost effectively protect payments and accompanying data when the customer is buying everything from a $1.00 parking pass to a $100k car?
To better understand how PCI works, this article will address the history, outline the benefits of PCI compliance, and discuss ways to ensure the proper systems are in place, no matter the size of the purchase or organization.
History
The Payment Card Industry (PCI) standards group was created by five leading financial institutions; American Express, Discover Financial Services, JCB International, MasterCard (News - Alert) and Visa, to pioneer a unified security standard as the foundation of the payment card industry.
The PCI Data Security Standard provides an action plan for developing a robust payment card data security process, including prevention, detection and appropriate reaction to security incidents, which must be followed by any entity that processes payment cards.
Organizations rely on PCI to flag data security issues that occur through the use of payment processing. In a time of omni-channel purchasing via mobile devices, it takes a significant effort to prevent data breaches that could lead to a loss of reputation and loss of revenue.
The string of high profile breaches over the past few years, including Target and Living Social, collectively affected more than 120 million customers by exposing credit card numbers and personally identifiable information to cybercriminals.
Ensure
PCI requirements are positioned to help with the following:
For many, maintaining compliance is a herculean effort, but failure to comply with these standards may leave a company’s Achilles heel exposed.
The PCI Security Standards Council is constantly working to mitigate threats, with enhancements to PCI standards and through proactive training of security professionals. However, it is also the responsibility of the organization to ensure compliance is maintained and proper systems are in place.
Staying Compliant
Here are some helpful hints to stay compliant:
While some may see avoiding a failed audit as the only reason to maintain compliance, it is in fact an opportunity to ensure the protection of not only your organization, but your customers as well.
For more information: https://www.pcisecuritystandards.org