If you take (or even use) credit cards…

you need to know about PCI-DSS.

As a card holder, PCI-DSS is designed to protect you.

As a business accepting credit cards, PCI-DSS can cost you, BIG TIME.

What is PCI-DSS?

PCI stands for Payment Card Industry.

DSS stands for Data Security Standard.

It’s a security standard, put into place in late 2007, that was created by an organization (the PCI Security Standards Council) that was founded by:

• American Express,
• Discover Financial Services,
• JCB International,
• MasterCard WorldWide, and
• Visa, Inc.

It’s strict & intense, but designed to protect credit card holder data (name & address, card number, expiration date, etc) for being stolen.

I’m a business that takes credit cards, why should I be concerned?

If you’re storing card holder data in an insecure way, it gets stolen, and you’re found to blame – it’s a $50,000 fine per incident.

Okay, what do I do?

For starters, if you are a small business, you can complete the self-audit to assure you’re in compliance.  It’s available on the PCI-DSS site.  Bigger businesses must be audited by a PCI-DSS auditor.

Bottom line: It’s really important if you take credit cards online, or even process them through your computer — that you’re working PCI-DSS certified software, or web applications.

Am I safe working with ISG?

Yes, effective January 1, 2008, we implemented 100% PCI-DSS compliant solutions for handling credit card information.  We’ve also updated existing customers where needed.

If you need assistance with any of the technicalities, we can help you, simply contact us.

Complete information on PCI-DSS is available on the council’s web site.