The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.
This also helps minimise fraud by increasing the controls around cardholder data, helping to protect customers and businesses from the increasing threat of card fraud.
PCI DSS outlines the minimum security requirements to help businesses handle payment information securely. The Card Schemes require that any business accepting cards for payment of goods or services must be compliant with the PCI DSS. Central to this is that you protect your customers’ payment card data. You must make sure that you always have security controls in place to maintain your compliance. Your customers trust you to keep their information safe; you need to repay that trust with, at the very least, compliance with the PCI DSS.
You have three months from opening your account to validate compliance with us.
Who sets the standards?
PCI DSS is a collaboration between the major Card Schemes (American Express®, Discover Global Network®, JCB®, Mastercard®).
What are the requirements?
PCI DSS provides a baseline of technical and operational requirements designed to protect payment account data. Learn more about its requirements, security controls and processes, and steps to assess compliance inside this PCI DSS Quick Reference Guide.
When do I need to complete attestation/become compliant?
To report your PCI DSS compliance for your business, you need to identify and complete the appropriate Self-Assessment Questionnaire.
Securing your business requires the following steps:
Analyse your business practice and processes
Research the appropriate security solutions for your business
Implement and maintain security solutions
What can happen if I am non-compliant?
Not being compliant with the PCI DSS can leave your business at risk of a data breach and related costs. Most people don’t realise that these can be quite substantial and can include card scheme fines and card replacement costs. Other factors include loss of customer confidence and damage to the reputation of your business. You will also be subject to a £35 monthly non-compliance charge.
How to register
To register as PCI DSS compliant, please click the link below for your merchant bank.
Clover - First Data (fiserv.com)
Elavon - Login (elavonsecuritymanager.com)
PCI Helplines
Clover PCI Helpdesk - 0330 808 1606 (Opening Hours 9am-5pm Monday-Friday)
Elavon PCI Helpdesk - 0330 808 3301 (Opening Hours 8am-6pm Monday-Friday)