What is PCI DSS?

PCI DSS stands for Payment Card Industry Data Security Standard. It is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.

Payment security is important for every merchant, financial institution, or other entity that stores, processes, or transmits cardholder data. It is vital that every entity responsible for the security of cardholder data diligently follows the PCI Data Security Standards.

What is Payment Security?

Payment security refers to the protective measures and technologies employed in financial transactions to safeguard sensitive information, such as credit card details, from unauthorized access or theft. This includes encryption for secure data transmission, the use of secure websites (https://), two-factor authentication, tokenization to replace actual card numbers, regular transaction monitoring, and maintaining up-to-date software to ensure a robust defense against potential security threats.
 

As a merchant, what can you do to have better payment security?

• Buy and use only approved PIN entry devices at your points-of-sale
• Buy and use only validated payment software at your POS or website shopping cart
• Do not store any sensitive cardholder data in computers or on paper
• Use a firewall on your network and PCs
• Make sure your wireless router is password-protected and uses encryption
• Use strong passwords. Be sure to change default passwords on the hardware and software – most are unsafe
• Regularly check PIN entry devices and PCs to make sure no one has installed rogue software or “skimming” devices
• Teach your employees about security and protecting cardholder data
• Follow the PCI Data Security Standard
 

Where can you get more information on PCI DSS?

To understand more on the security standards and requirements, you may visit https://www.pcisecuritystandards.org/merchants/ for more information.