
As a valued client of DIRECTPAY and as a merchant accepting credit/debit cards for payment, you are required to be compliant with the Payment Card Industry Data Security Standards (PCI DSS) set forth by major credit card companies.
The PCI (Payment Card Industry) compliance standards were created by the major credit card issuers to protect sensitive information and ensure credit card transactions are secure. Any business or financial institution that wants to accept credit cards has to comply with these standards. Non-compliance can result in fines from credit card companies and banks and even the loss of the ability to process credit cards.
DIRECTPAY has set up a free PCI Compliance Program to assist you in meeting the requirements. You can access a Self-Assessment Questionnaire that, once submitted, will grant you compliant status.
The quick and easy answer is to protect your business and your customers. Incidents of fraud, on a small and large scale, are on the rise as cyber criminals develop new ways to access and steal credit card information. The PCI DSS requirements may seem obvious, but the rewards of demonstrating your compliance are real. It's always best to stop security breaches before they happen, and annual compliance with the standards is a great way to make sure you are (securely) tying up all loose ends.
It will help you protect the safety of your computer network and avoid certain liabilities in the event information is illegally accessed.
For a small business, even a small security breach can cost $25,000+ in fines and legal fees. PCI compliance is required AND protects you from potential vulnerabilities you may not be aware of.

A Secure Network
For online businesses, this means the security of cardholder data on your web server. Most web hosting companies take responsibility for the security of their networks. Your part as an online merchant involves keeping cardholder information safe.
For example, if you are on a public network on your laptop, do you house customer information there? Do you have the appropriate firewalls in place to prevent fraudulent access to this information? You must take all necessary measures to ensure that sensitive personal and credit card information is stored in a secure location.

Cardholder Data Protection
Business owners that choose to store cardholder information have an obligation to ensure no one else is accessing it. Many companies choose to encrypt credit card data, so that even if someone did access it they could not use it.
This area also pertains to how credit card information is transmitted. When a customer makes a purchase on your website, their personal information is sent across the Internet. Cardholder data must be encrypted with at least a 128-bit SSL certificate in order to meet this standard.

Monitoring Networks
Regular scans of your computer and checking network access to cardholder data are required to satisfy this standard.
There are several security testing and auditing services business owners use for this to help identify and eliminate potential risks.
Contact DIRECTPAY if you would like more information.

Vulnerability Management
You can minimize your chances of exposure to fraud by regularly updating the hardware and software on your computers and adding anti-virus software with regular virus scans.

Access Control
Most security breaches are a result of human error. You must limit access to cardholder data to only those who need to use it. Also, giving a unique login/password to each user who can access sensitive information allows you to track any security breaches to their source.

Information Security Policy
Lastly, you must draft and implement a company-wide information security policy to hold all team members accountable for any security breaches. Make sure that your employees know and understand their responsibilities with regard to cardholder data.
Create a Login Username and Password
Complete the Self-Assessment Questionnaire
Submit - and you're finished!
Please call us at 800-326-9897, Monday-Friday: 9:00am-6:00pm EDT. You can also email us at any time at [email protected].
For more information on PCI Compliance, visit the PCI Security Standards Council website here.

DIRECTPAY is a registered Independent Sales Organization of Wells Fargo Bank, N.A., Concord, CA.
DIRECTPAY is partnered with START Merchant Services, a registered MSP of Elavon Inc., a subsidiary of U.S. Bancorp.