PCI Compliance
All transactions completed by AmCard Payments on behalf of our clients adhere to PCI compliancy regulations. The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information, including merchants and third-party service providers that store, process or transmit credit card/debit card data.
The Payment Card Industry Security Standards Council (PCI DSS) was launched on September 7, 2006, and is an independent body that was created by large payment brands (Visa, MasterCard, American Express, Discover and JCB). The goal of PCI DSS is to improve payment account security throughout the transaction process. It is important to note, that payment brands and acquirers are responsible for enforcing compliance, not the PCI council.
In 2007 Minnesota established the “Plastic Card Act” which states that any company that is breached and is found to have been storing “prohibited” PCI data (i.e., magnetic stripe, CVV codes, track data etc) are required to reimburse banks and other entities for costs associated with blocking and reissuing cards. This law also opens up these companies to private lawsuits.
In fact, credit card companies and acquiring banks can levy stiff fines, and even remove the merchant’s ability to process credit card transactions, if it is determined that PCI compliance has been substantially breached. Considering the importance in meeting these standards, AmCard Payments offers comprehensive consulting and data reporting to our customer base. PCI compliance is generally achieved through:
• Building and maintaining a secure network
• Protecting cardholder data
• Maintaining a vulnerability management program
• Implementing strong access control measures
For specific issues and/or questions pertaining to PCI Compliance, please contact an AmCard Payments Specialist, or for more information on topic, please visit www.pcisecuritystandards.org