“PCI” is an acronym for Payment Card Industry.
In 2001, Visa was the leader in the payment card industry regarding cardholder data security. Today, all merchant service providers in the industry have an integral role in assuring that cardholders and their data are secure.
Although Visa established itself as the pioneer of the “PCI” as an acronym for payment card industry, the other payment card associations have followed suit. There is MasterCard’s SDP (Site Data Protection), American Express’ DSOP (Data Security Operating Policy), and Discover’s DISC (Discover Information Security Program). All of these institutions work together within the PCI Security Standards Council to help ensure merchants keep cardholder data safe from consumer identity theft.
Any entity, including merchants, that store, transmit, or process consumer card data, must be PCI Compliant. The payment card industry is an integral part of doing business in today’s digital world, including the now huge component of internet credit card processing.
The main components of the PCI program are listed below:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program (i.e. using up-to-date antivirus software)
- Implement Strong Access Control Measures (i.e. restrict data access on a need-to-know basis)
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
All of these items seem fairly obvious but it is not a “set it and forget it” kind of program. Data security is a fundamentally crucial and continuous process required to maintain for your business and your customers.
As you seek to obtain and/or maintain proper network and transaction security, you will find that Redstone Payment Solutions is a valuable asset as your payments card industry partner.