Frequently Asked Questions on PCI
(For technical FAQs click here.)
The Payment Card Industry (PCI) Data Security Standard (DSS) was established by the major card brands including: Visa, Mastercard, American Express, Discover Financial Services, and JCB International. All business who process credit cards (merchants) are required to implement the PCI standards into their methods of processing to prevent credit card theft. There are 12 standards that are divided into six groups:
The steps you follow to validate PCI DSS compliance are based on the way you process your customers' credit cards. Validation is an annual process that may require quarterly reporting. Merchant Partners compliance consultants assist you in knowing which standards apply and how you should validate compliance.
Site Certification helps merchants quickly and easily validate PCI compliance. Merchant Partners with SecurityMetrics provides Site Certification to help merchants verify secure credit card handling processes, and if applicable tests merchant Internet systems to determine if they comply with Payment Card Industry Data Security Standards. Site Certification simplifies all aspects of PCI DSS Compliance for your business. It even includes PANscan to help you check if your business unknowingly stores unencrypted credit card numbers on your network.
All businesses that process, view, or store credit card information are required by the Payment Card Brands and their merchant processor to validate compliance with the data security standards.
PCI compliance was first mandated in 2001. The Payment Card Industry Security Standards Council (PCI SSC), the card brands, and your merchant processor are doing their best to make sure all merchants are aware of the standards.
For most merchants the deadline for compliance has already passed (www.pcisecuritystandards.org) Contact your merchant processor to receive details on your merchant account.
If you don't become PCI compliant, potentially you put your business and customers card data at risk of being compromised. Breach of card data for level four merchants on average costs between $36,000 and $50,000. You may also receive fines for not validating PCI compliance from your merchant processor.
Yes. Even though you may only process a few transactions, you still need to implement the data security standards into your processing and validate PCI DSS compliance.
Depending on how you process cards determines your validation type and your requirements to comply with the PCI DSS. Typical steps for level 4 merchants to become PCI DSS compliant include but are not limited to completing the following:
You should login to your account and begin the process of becoming PCI Compliant. Some merchants only need to complete and pass an annual Self Assessment Questionnaire. If Vulnerability Scanning is required for your business, you have to pass the scan(s) and questionnaire before you are listed as PCI Compliant.
The Payment Card Industry classifies level four merchants into five different validation types. The following chart from the Payment Card Industry website gives an explanation of the levels:
Yes. Even though you may not process cards using a computer, your business still needs to validate PCI DSS compliance and implement data security standards into your processing. All businesses that process, view, or store credit card data need to validate compliance.
The Payment Card Brands have mandated the standards and your merchant processor is enforcing validation of PCI DSS compliance.
The Desktop Check is designed for any user whose computer is connected to the Internet. The user must visit our website and start a Desktop Check from the machine they want to check. Site Certification is a higher-level service designed to run a Desktop Check on a specified IP address at least quarterly for a year, depending on the level of service chosen. We update our database with an average of five new vulnerability scripts every week, to keep you protected from the latest vulnerabilities.
*If you have any further questions about PCI compliance, contact a Merchant Partners PCI Support at (866) 889-6176.
Need more information?
Our experienced customer service representatives can step you through the process and answer any questions you have about processing payments on your web site.
Contact Merchant Partners to have one of our representatives contact you within one business day.
Additional Services From Merchant Partners
Our partnerships with leading account providers will help you get your business up and running quickly. Accept all major credit cards, including Visa, MasterCard, American Express, Discover, Diner's Club, and JCB via Online Charge™ .
Easy to use automated billing of recurring payments.
Customizable fraud and risk management system helps you maximize sales and minimize risk.
Add "premium" content areas to your web site that can only be accessed for a fee.
The first step toward accepting payments online is to acquire an Internet merchant account. Without a merchant account, businesses cannot accept credit cards and may miss out on more than 60% of their sales opportunities.
Merchant Partners Software wireless capabilities give you the option of processing transactions from any location that your WAP enabled phone or wireless PDA has service.
For More Information
OR fill out the simple form below.
"Merchant Partners Electronic Check Processing has allowed us to increase revenue streams by provinding enhanced check services to our clients"