
PCI DSS

Improving security and cutting fraud
Card schemes – such as MasterCard and Visa – need to make sure merchants have protection in place to deter hackers and criminals. Cardholder data is a tempting target for fraudsters – and there’s been a series of recent high-profile security breaches around the world.

What is PCI DSS?
The PCI Security Standards Council manages the security standards for the payment cards industry. The council was formed by Visa, MasterCard, American Express, JCB and Discover.

It works across five main areas:

  • Develop and maintain a global, industry-wide technical data security standard to protect cardholders’ account information.
  • Reduce costs and lead times to implement the Data Security Standard. The council works to establish and ensure compliance with common technical standards and audit procedures.
  • Provide a list of globally available, qualified security solution providers on its website to help the industry become compliant.
  • Lead training, education, and a streamlined process for certifying Qualified Security Assessors (QSAs) and Approved Scanning Vendors (ASVs). This provides a single source of approval recognised by all five founding members.
  • Provide a transparent forum where all stakeholders can contribute to the ongoing development, enhancement and dissemination of data security standards.

Compensating Controls may be considered when an entity cannot meet a requirement explicitly as stated, due to legitimate technical or documented business constraints, but has sufficiently mitigated the risk associated with the requirement through implementation of other controls.

NHL Levels

If you are not compliant with the Payment Card Industry Data Security Standard (PCI DSS), you will be responsible for any losses through fraud, and may also face considerable fines. Your customers will suffer if their card details are compromised.

Your business reputation will suffer as a result. Taking responsibility for PCI compliance forms part of your merchant Terms & Conditions.

Kind Regards,

NetHost Legislation, Client Services Representative
Email: info@nethostlegislation.co.uk

© NetHost Legislation
The Registrar of Companies for England and Wales hereby certifies that NetHost Legislation Ltd is incorporated under Companies Act 1985. Company No: 6854018.

 

  Affiliated with - International Register of Certificated Auditors (IRCA)
PECB Partners - Certified Trainers and Management System Auditors