The Payment Card Industry Data Security Standards Council (PCI DSS) was founded in 2006 by the major credit card brands (American Express, Discover, MasterCard and Visa). Although they are not associated with the card brands they do assist with helping business owners in keeping their customers credit card information Safe. Their mission is to:
“Enhance global payment account data security by developing standards and supporting services that drive education, awareness, and effective implementation by stakeholders. We achieve this with a strategic framework to guide our decision-making process and ensure that every initiative is aligned with our mission and supports the needs of the global payments industry.” 1
To help achieve their mission, the PCI DSS council created a Self-Assessment Questionnaire (SAQ) to find out how a merchant accepts credit cards, stores credit card information (if applicable), and provides suggestions on how to keep that data safe. This SAQ is broken up into several different parts and are provided to you if the section is applicable to your business type. Some SAQ questionnaires will require scans to be done on your computer to ensure all anti-virus software is in place, firewalls are established and necessary steps are taken to protect your computer and internet source.
Here at Complete Merchant Solutions (CMS) we have strict instructions from the card brands on how much we can and cannot assist our customers through the compliance processes. Because of this we have hired a third party group named Security Metrics to assist all of our customers with their compliance. Security Metrics is the specialists within the industry and are known for their great customer service. Once a business owner obtains a merchant account through CMS, an additional account will automatically be created with Security Metrics (see link to login page below).
At this time the card brands are not mandating each business owner to take and follow the guidelines within the SAQ questionnaire. However there are fees and penalties that can be placed on a merchant if they are not following these guidelines by being compliant during a breach or showing signs of fraudulent activity. CMS has experienced and seen what great benefits can come from following the PCI DSS guidelines and becoming PCI Compliant. We highly encourage and implore you to become PCI Compliant.
Below are links to additional information pertaining to PCI along with the login page to Security Metrics.
Article ID: 36000167000