Security Policy
Payment Card Industry Data Security Standards (PCI DSS)
What are Payment Card Industry Data Security Standards?
Visa® and MasterCard® have mandated compliance standards to ensure cardholder data (e.g. cardholder name, account number, expiration date) is processed, transmitted, stored and/or retained in a secure manner. Under NO circumstances should card track data (cardholder data contained in the magnetic stripe) be stored.
Who must comply with these standards?
All merchants accepting credit and debit card transactions must comply with PCI DSS.
What do I need to do?
You may need to complete a Self-Assessment Questionnaire and perform a Quarterly Network Scan on your system to detect potential vulnerabilities. Contact SecurityMetrics, our preferred certified third-party Assessor, at (800) 557-4797 for assistance. Please reference code “LMS” to take advantage of discounted rates.
What if I don’t comply?
You could face significant fines and be financially responsible for any transactions that may become compromised at your location or any other merchant location where the compromised card is used fraudulently.
Where can I get more information on PCI DSS, SecurityMetrics, and alternate Assessors?