Best Practices

PCI Compliance

Amy Mann
September 16, 2015

PCI (Payment Card Industry) Compliance is a set of guidelines for protecting credit card data in your business. The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations that were developed by the major card brands in 2006. Each year, you are required to complete a Self-Assessment Questionnaire (SAQ) as a way to evaluate the security in your office.

In 2014, version 3.0 of the PCI DSS was released. Regardless of your industry, you must follow these guidelines for protecting credit card data. The rules and regulations of DSS 3.0 apply to any merchant that processes, transmits, or stores credit card data. As a merchant, you are required to renew your compliance annually, even if your firm is using a PCI Certified Service Provider such as LawPay.

Depending on how you process credit cards, your SAQ might ask questions pertaining to how you store credit card information, determine who has access to your payment terminal, or whether you process credit cards via a wireless connection. Overall, the process helps identify potential security risks and protects both you and your clients from fraud. In a recent study conducted by Verizon, the state of PCI Compliance was deemed to be “Getting Better but Still Insufficient.” The study includes analysis of financial services, retail businesses, hospitality, and other level 1 merchant industries that possess high volumes of electronic payments. The report authors stated:

“Our research also shows that the vast majority of organizations are still not sufficiently mature in their ability to implement and maintain a quality, sustainable PCI Security compliance program, and they continue to struggle to provide the required compliance evidence at the time of the annual compliance validation assessment.”

Luckily, we make it easy to stay ahead. As a benefit to all LawPay clients, we have included a quick PCI compliance program in your package at no additional charge. PCI Central quickly guides you, step by step, through the compliance process, from choosing your SAQ to generating your digital compliance certificate.