January 28, 2020 by Inmasan Tecnología

PCI Compliance levels

All entities that process, store or transmit cardholder data must be in compliance with the Payment Card Industry Data Security Standard (PCI DSS), a global mandate from the card brands. While PCI compliance levels vary, compliance is mandatory for any business that accepts credit card payments.

PCI offers a tangible framework for merchants to identify and address payment card data threats and vulnerabilities that could lead to a breach. It holds merchants accountable for securing their business environment and for business policies (or lack thereof) and employees’ actions that lead to a data breach.

The PCI Council isn’t equipped to check on every business to make sure PCI regulations are being met, but the consequences of non-compliance can be grave. If a breach occurs and it’s determined that the business was not compliant at that moment, it will face hefty fines and fees as well as reputational damage and customer attrition.

PCI compliance requirements

There are 12 over-arching requirements for PCI compliance:

  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks
  5. Use and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need to know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security for all personnel

The PCI compliance levels

There are four levels, or tiers, of PCI compliance. Merchants are assigned to a level based on their card transaction volume (credit, debit, and prepaid) over a 12-month period. If a merchant suffers a breach that results in account data compromise, they may be escalated to a higher level of compliance.
