• PCI Compliance/Data Security
  • Educational Videos
  • SecurityMetrics
  • PCI Compliance Resources
  • Non-Compliance
• Interchange Fee Schedules
• Cost Reduction Tips
• Fraud Prevention
• Product Reference Tools
• Business Glossary
• Educational Videos

Cardholder Security and PCI Compliance—and How We Can Help

The security of cardholder information is important to both your customers and your business. Credit card and check fraud costs consumers, merchants and financial institutions $51 billion a year.¹

What Is PCI DSS?—Payment Card Industry Data Security Standard

To help guard against fraud, card companies have established the Payment Card Industry (PCI) Standards Council and the PCI Data Security Standard (DSS), which establishes and enforces security requirements for members, merchants and service providers.

One of the most significant PCI DSS requirements is that merchants may not store magnetic-stripe data after an authorization is obtained on a credit card. So magnetic-stripe data must be purged from your records, and from any system you use, after authorization.

If your business fails to comply with PCI DSS, you risk substantial fines—and even risk losing your ability to process credit card payments.

Learn More About PCI Compliance—Watch Our Video

Our PCI Compliance Video gives you a quick, comprehensive overview of cardholder security and everything you can do to be sure your business is PCI compliant.

• Additional PCI resources
• PCI FAQs

What You Can Do

Check your card acceptance system to ensure it is not using:

• Payment applications that store prohibited data
• Non-compliant service providers
• Any other element that may prevent compliance and violate the law

Generally, stand-alone dial-up terminals that communicate directly with networks do not store prohibited magnetic-stripe data after authorization. However, if you use payment processing software or have a third-party provider transmit cardholder data, you may want to take the following actions to make sure information is not stored:

• Contact your third-party vendor to ensure it is PCI compliant
• Engage an approved security assessor, such as SecurityMetrics, to determine your risk and validate compliance

• Five Easy Steps to PCI Compliance

If your business is being charged a fee for non-compliance with PCI DSS, click here to learn what you can do.

The Help You Need From SecurityMetrics

To help you navigate the compliance process, we have contracted with SecurityMetrics, a scan vendor approved by the PCI Security Standards Council.

SecurityMetrics provides online PCI self-assessment questionnaires and quarterly network scans (if applicable). When you contact SecurityMetrics, you'll qualify for a preferred provider discount, and your approval forms will be sent directly to us.

Get started with SecurityMetrics now! Fax a PCI Enrollment Form to 402-916-6487 or call SecurityMetrics
at 800-557-4684.

• SecurityMetrics news

¹2008, Javelin Strategy & Research Report