PCI Compliance

Do I need PCI compliance?

Any business that processes credit card payments must be PCI compliant. Without PCI compliance, your merchant provider may cancel your credit card merchant service, in which case you will no longer be able to collect credit card payments from your customers.

What is PCI compliance?

The Payment Card Industry Data Security Standard (PCI DSS, commonly referred to as PCI) is a set of security standards designed to ensure that all businesses that accept, process, store, or transmit credit card information maintain a secure environment.

The standard was developed by the PCI Security Standards Council, which was founded in 2006 by Visa, MasterCard, Amex, Discover and JCB.

If I only accept credit cards over the phone, does PCI still apply to me?

Yes. All businesses that store, process or transmit payment cardholder data using any method, including the telephone, must be PCI compliant.

How does a business obtain PCI compliance?

In summary, the business must implement PCI standards across its people, processes and technology.

In many circumstances this will include PCI Council certified Qualified Security Assessors, Approved Scanning Vendors, and sometimes PCI Forensic Investigators.

Your PCI compliance status must then be reported to your acquiring financial institutions or payment card brand.

Becoming compliant can be a costly, time-consuming and complex effort. Large merchants can spend upwards of $250,000 annually to meet the mandated requirements.

The requirements and standards are found at https://www.pcisecuritystandards.org/

What is defined as ‘cardholder data’?

The PCI Security Standards Council defines ‘cardholder data’ as the full Primary Account Number (PAN) or the full PAN along with any of the following elements:

    Cardholder name
    Expiration date
    Service code

Sensitive Authentication Data, which must also be protected, includes full magnetic stripe data, CAV2, CVC2, CVV2, CID, PINs and PIN blocks.

TelcoEdge has Level 1 PCI DSS compliance certification.

Off Shoring and Data Privacy

Take your contact centre and telephone services out of PCI scope with Instant PCI Compliant Phone Payment Solutions

Your business may still need to address other components to complete its full PCI DSS compliance requirements.

Please contact our Customer Solution Experts on phone 1300 20 88 20, or email us at sales@TelcoEdge.com.au

©2017 TelcoEdge Pty Ltd