What is PCI Compliance?

The long name for PCI DSS is Payment Card Industry Data Security Standard. PCI DSS are rules and regulations that show businesses how to keep card data safe. These rules and regulations were put together by the PCI Security Stands Council which is represented by the five major card brands, Visa, MasterCard, Discover, American Express, and JCB.

Why should I care?

If you are taking credit cards as a method of payment, these rules and regulations apply to your business, no matter what size your business is. The major reasons you should care are:

  1. Credit card theft costs small businesses at least $20,000. According to a blog article by Vantiv, one of the largest payment processing banks, if a small business suffers a data breach, a forensic examination by an outside security assessor can cost anywhere from $20,000 to $50,000. If the security assessor finds that the small business in not following PCI Compliance regulations and a breach did occur, the small business could be charged with fines as great as $50,000.
  2. Card data theft is on the rise now due to the introduction of EMV (smart chip) cards in the U.S. Thieves are targeting all sizes of ecommerce businesses to test stolen credit cards, phishing scams to try to gain credit card information, working through viruses to gain access to payment portals, etc.

What can I do to ensure my business is PCI Compliant?

There are also some general rules you should be following within your business to ensure card data is handled safely and securely:

  • Use a shopping cart that is PCI Compliant, like 3dcart. This is the first point of entry for your customers and possible thieves – make sure it’s secured.
  • Do not store credit card information either on paper or electronically, especially in insecure areas. Use your payment gateway to store that information for you, that’s what it’s there for.
  • Create user logins for each employee accessing your payment system. This allows you to monitor transactions per employee.
  • Use strong passwords for all systems. Change passwords frequently and do not share passwords.
  • Install virus and malware protection on all devices.
  • The best defense is knowledge. The PCI Security Standards Council works with top security companies to monitor card data threats and to develop best practices and technologies to defend against those threats. They have put the money into the research and technology, and you get to learn from what they have found. Visit their site for up to date information on PCI Compliance.

The rules and regulations that come with PCI Compliance are there to make your business secure and your customers’ information secure. Security is a necessity, not a luxury. So, ensure that you are getting all the right coverage. The future of your business depends on it.

This was a guest blog post by Persolvent. Persolvent is one of 3dcart’s preferred payment processing partners with over 20+ years helping ecommerce businesses take secure payments. Contact us today to set up an account with no additional PCI Compliance Fees because we know your business is in good hands with 3dcart.