PCI Compliance – What Do You Need to Know?
PCI compliance is a hugely important factor for any retailer, however many retailers don’t understand what it entails or what their responsibilities are, which can leave them open to fines.
PCI DSS stands for the Payment Card Industry Data Security Standards, who are responsible for creating rules and regulations to keep cardholder data safe and secure. For any business that stores, processes or transmits card information, you will need to understand PCI compliance and your role when it comes to keeping your customer’s information safe.
The basics of PCI compliance
There have been a few additions to PCR compliance since it was first introduced in 2004, however the basics have always remained the same – to protect confidential card information. Card information can be anything which is found on a payment card, including the full magnetic stripe data, PINs, CVV number, expiration date, service code, and full Primary Account Number.
There are 12 requirements that need to be followed in order to be PCI compliant, which are split into the following sections:
- Build and maintain a secure network
- Maintain an information security policy
- Protect cardholder data
- Monitor and test networks regularly
- Put strong access controls in place
- Upload a vulnerability management plan
This standard is applicable to any business who has ever accepted any payment by card, even if it has only happened once. You are expected to provide proof of PCI DSS compliance to your bank, so this is something that you will need to keep track of.
What happens if you don’t comply?
If you fail to comply with PCI compliance, your business is at risk of being fined by payment providers, with charges up to £80,000 depending on the size of your business. Banks may also choose to offset the cost of fines through increased transaction fees, potentially resulting in higher overall fees for your business.
If you continue to be non-compliant, you may lose the ability to process card payments at all.
How to ensure you are PCI compliant in your business
Maintaining PCI compliance can be difficult, especially for businesses that don’t have a huge amount of time on their hands. With so many different things to think about and steps to implement, it can be useful to hire external help to ensure you are following the rules correctly.
FFP offer PCI compliance assistance with all of our card machines, making sure all cardholder details are protected at all times.
This not only gives you the peace of mind you need, knowing you will not be incurring any unexpected fines, but also provides additional security for your customers as they can be assured their details are being kept safe and secure.
How FFP can help
At FFP, the safety of our customers and yours is right at the heart of everything we do. If you’re interested in finding out more about our PCI Compliance support function, get in touch with us today and one of our friendly team members will be able to help.