PCI Compliance Program for Credit Card Merchants
In October 2015, the PCI Security Standards Council (SSC) released its new Data Security Standard version 3.1, clarifying some points of version 3.0, which went into effect on Jan. 1. The PCI SSC delivers guidelines to merchants for the safe handling and storage of credit card data. Businesses that do not comply with PCI standards are subject to fines, penalties, and increased transaction and processing costs.
Additionally, effective Oct. 1, 2015, the Europay, MasterCard, and Visa (EMV) compliance mandate shifted the liability for fraudulent credit card transactions from credit card issuers to merchants. Failure to take the steps necessary to comply with the mandate could result in serious financial consequences and fraud liability for merchants accepting card payments. Cardholder data breaches can also result in the following losses for a merchant: fines; suspension of credit card acceptance by the merchant’s credit card account provider; loss of reputation with customers, suppliers, and partners; possible civil litigation from breached customers; and loss of customer trust. Gas stations and financial institutions have until 2017 to fully comply.
Since 2013, a number of high-profile data security breaches at large retailers (Target, Home Depot, etc.), websites (Ashley Madison, for example), and billion-dollar organizations (Sony Entertainment) have raised public awareness of the constant threat of cyber attacks aimed at accessing corporate and personal information.
Additionally, according to a 2013 study on the cost of cybercrime by the Ponemon Institute, the annualized cost of cybercrime increased by 30 percent from 2012 to 2013, now estimated at $11.6 million per year per company studied. As a result, cybersecurity has become a primary concern for many employers.
To help companies demonstrate good faith compliance with the Data Security Standard version 3.1, as well as the EMV mandate, Personnel Concepts has introduced a PCI Compliance Program for Credit Card Merchants. All these changes and more are detailed carefully, along with FAQs and step-by-step instructions, in our exclusive PCI Compliance Program for Credit Card Merchants. The guidebook also includes a targeted attorney brief addressing important changes impacting all payment card-accepting merchants regarding cardholder data information storage.
Who Needs It
All companies that handle, process, transmit, or store credit card data must comply with PCI DSS standards. Failure to take the steps necessary to comply with the mandate could result in serious financial consequences and fraud liability for merchants accepting card payments.
Demonstrate Good Faith Compliance
Our PCI Compliance Program for Credit Card Merchants is designed to help businesses comply with their PCI compliance requirements as well as educate them on their obligations under the new EMV mandates.
Supplements Crucial Information
According to Verizon’s 2015 PCI Compliance Report, released March 12, 2015, nearly 80 percent of all businesses fail their interim PCI compliance assessment. Our program supplements information provided by merchants’ banks and credit card companies to allow for a more comprehensive explanation of how to meet compliance obligations.
If you’re not completely satisfied with our PCI Compliance Program for Credit Card Merchants, you can return it within 30 days from the original date of purchase for a full refund, less shipping and handling.
Our PCI Compliance Program for Credit Card Merchants includes the following materials and information:
- PCI Compliance Guide designed to help companies ensure that their business understands how these new regulations will impact payment acceptance and cardholder data storage practices.
- 10 Policy Acknowledgment Forms to verify employee understanding of the company policy on following PCI and EMV requirements and the prevention of identity theft.
- Compliance Analysis Checklist to verify that your business is in compliance with current PCI standards.
- 10 each of “Identity Theft” and “Understanding PCI Compliance” training handouts to help ensure that employees understand the new rules and how these regulations affect them.
- An Identity Theft Prevention poster, which will alert employees to the dangers of identity theft and how they can try to prevent it from occurring.
- Open access to a customizable PCI Compliance Policy, Training Sheets, Compliance Checklist and Employee Acknowledgment Form.