PCI stands for Payment Card Industry Data Security Standard. It is a global standard designed to prevent the theft of data when credit card transactions occur. PCI is endorsed by all major credit card associations. Merchants must be PCI compliant in order to accept payments by credit cards. This means that it is extremely important to your business to be PCI compliant.
The following is a checklist of the most important requirements of PCI compliance:
Protect cardholder data by installing a firewall and keeping it up to date.
- Create your own secure passwords on all equipment and devices; NEVER use the default passwords given by the vendor when purchased.
- Securely encrypt any cardholder data that you must store; or even better, don’t store cardholder data unless it is absolutely necessary.
- When transmitting a cardholder’s information over a public network, use secure encryption to protect their data.
- Install antivirus software on all equipment and keep the software up to date.
- Only use secure credit card processing systems or applications.
- Develop a strict policy on who has access to cardholder data. It should only be given to individuals who “need-to-know.”
- Every person who DOES have access to cardholder information should have a unique user ID.
- Implement physical security measures. Cardholder data should be kept in a physically secure environment, e.g. a lock cabinet or a safe.
- Monitor all access to networks and cardholder data.
- Perform regular tests on your network and security systems.
- Develop a security policy. Train all employees to understand the security policy, and ensure that the security policy is maintained.
PCI Compliance Requirements and CDKPay
Let CDKPay pay help you meet these requirements. We are a PCI compliant company, and we can help you implement the necessary actions on this PCI Compliance Checklist. This is just one way that CDKPay helps to protect you from risk and fraud.
Safeguard your business and your customers with a robust Fraud & Risk Management System.