CompliancePCI Compliance PCI (Payment Council Industry) compliance is a standard set forth by Visa and MasterCard on how merchants store and process credit/debit card transactions. This is a universal, mandatory standard in the card payments industry and must be completed by all merchants on an annual basis. The intention of PCI compliance is to reduce fraud by setting standards in protecting cardholder information. At the minimum this requires merchants to answer a questionnaire on how they are storing and processing cardholder information. These questions can be very technical in nature, and depending on how a merchant processes credit card transactions (IE – terminal, POS system, eCommerce, software), the number of questions and how technical these questions are may vary per merchant and industry. In addition, if a merchant processes over IP (Internet Protocol), the merchant must also provide the IP address of their server and must pass a quarterly scan. A merchant can use a number of resources to help them become PCI compliant. A good start for merchants to understand PCI compliance is at www.pcisecuritystandards.org. Here merchants can find more information about PCI compliance and answer the required annual questionnaire. In addition, it outlines the steps needed for merchants to submit their IP address for the required quarterly scans. Most merchants will use their processor’s resource to help them become PCI compliant. The resource for Card Pay is called Clover Security. More information on Clover Security can be found on the Support Page of our website. Using Clover Security can be an easier and faster way to become PCI compliant. Once a merchant is compliant, Card Pay will forward their successful compliancy to Visa/MasterCard. In addition, Clover Security can be an excellent tool to help merchants understand PCI compliance and speak with live technicians to reduce the time in answering the questionnaire. |