The PCI DSS is a standard for the handling of payment card data originally created by Visa, Mastercard and other payment card companies and now managed by the PCI Security Standards Council.
As consumers, once a transaction is processed on a website, our credit card details are never saved, or if they are, they are kept very safe and only with our consent. PCI DSS ensures that any company that handles credit card data has taken the necessary care to handle that information in the appropriate manner.
As a company, if you handle credit card data, you have an obligation to comply with the new standards. The dates for enforcement are unclear, but Visa and Mastercard are forcing their customers (the banks) to put pressure on you (the merchants) to make sure you have followed the guidelines.
An increasing number of e-commerce site owners are receiving letters from their bank or merchant account provider warning them that they need to prove their compliance with the Payment Card Industry Data Security Standard (PCI DSS). These letters often carry a warning that merchant facilities may be withdrawn if the merchant does not comply with the bank’s requirements, and that fines can be passed on to the merchant in the event of a data breach.
TJS have investigated the mechanisms for compliance and identified that there are four levels within which merchants are classified:
TJS are experts in e-commerce and can guide you through the requirements for the PCI DSS compliance of your e-commerce site. This may only involve providing you with a server certification, or you may need us to help complete your questionnaire.
Whatever your concern, we’re here to help. For advice on audits, self-assessment questionnaires, PCI DSS scans or any other aspect of PCI DSS, please contact us about PCI DSS compliance.