PCI DSS Compliance stands for Payment Card Industry Data Security Standard.
PCI has been mandated by the PCI Security Standards Council which includes the 4 major credit card associations (Visa, MasterCard, AMEX, and Discover). In an effort to reduce fraud and the related cost associated with data breaches, it is mandated that all businesses that accept credit cards (not just Cash Practice members), complete the annual PCI requirement, to ensure merchant's businesses are compliant, including the use of compliant payment applications starting in July 2010.
If you keep credit cards on file in a readable format you're putting your business at risk!
Years ago, it used to be the only way to have an 'auto-debit' was to write down or make a copy of the patient's credit card information, then have a poor staff member manually key-enter the payment into the credit card terminal.
Those days are long gone thanks to advanced technology, credit card fraud, and identity theft! In July 2010 the credit card industry came up with rules and regulations that outline how businesses must handle and protect cardholder data. This is referred to as PCI DSS Compliance (Payment Card Industry Data Security Standards). There are steep fines for violating PCI DSS, however, these rules are in place to protect the business and the consumer.
This is why you want to use a company like CashPractice.com. We securely store and encrypt cardholder data, but you still have the responsibility as a business owner to make sure your business is PCI DSS Compliant.
PCI DSS Certification is a procedure implemented to perform a review of your data SECURITY PRACTICES. This procedure will review if you are currently processing credit cards using approved equipment, POS software, and/or hosted Virtual Terminal under the Payment Card Industry Data Security Standards (PCI DSS) requirements.
- In security terms, it means that your business adheres to the PCI DSS requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures.
- In operational terms, it means that you are playing your role to make sure your customers' payment card data is being kept safe throughout every transaction and that they – and you – can have confidence that they're protected against the pain and cost of data breaches.
Compliance with data security standards can bring major benefits to businesses of all sizes, while failure to comply can have serious and long-term negative consequences.
To learn more read: What are the PCI requirements?