The Payment Card Industry (PCI) consists of organizations that handle debit, credit, prepaid, and ATM payment card data, including credit card companies, financial institutions and merchants. PCI Data Security Standards have been designed to ensure that these organizations will maintain the payment cardholder data in a secure environment, whether they store, process, or transmit the information. The major credit card brands (Visa, MasterCard, American Express, Discover, and JCB) are responsible for enforcing compliance, and the PCI Security Standards Council sets the requirements.
All organizations or merchants that have a Merchant ID (MID) are required to comply as specified in their agreements with the credit card companies and through legislation in several states. The standards aim to minimize identity theft and fraudulent transactions and to regulate consistency in data security measures. Merchants who fail to meet the PCI Data Security Standards may incur fines from credit card companies and financial institutions and risk losing their ability to process payment cards. The U.S. Federal Government is considering the enactment of laws that will make PCI Compliance mandatory across the U.S.
All merchants that accept payment cards, regardless of sales volume, are required to meet these six requirements:
TBS assists companies with maintaining PCI Compliance through protection of payment card data, data destruction services, hard drive destruction, and recycling of equipment that does not comply with PCI regulations. Contact us for assistance in achieving or maintaining PCI compliance today.