To improve security and cut fraud, the card schemes have created a set of Payment Card Industry Data Security Standards (PCI DSS) informing merchants and the payment industry how to securely store, process or transmit card data.
As a merchant you are required to adhere to the PCI DSS requirements for security management, policies, procedures, network architecture, software design and other critical protective measures.
If you are not compliant to the PCI DSS, you will be responsible for any losses through fraud, and will be subject to considerable fines from the card schemes. In addition, your customers will suffer if their card details are compromised and your business' reputation will be seriously damaged.
To become compliant to the PCI DSS, each of your business' profiles must follow the 12 requirements below and then validate your PCI DSS status using a Qualified Security Assessor. You'll need to continuously assess your operations, fix any vulnerabilities that are identified, and always send your latest certificate of compliance to CashFlows.
Please Note: If your business does not provide us with the latest certificate of PCI DSS compliance then you will automatically be enrolled on the CashFlows Compliance Programme.
For more information about PCI DSS, please visit www.pcisecuritystandards.org.