As digital payments continue to dominate the commerce world, the threat of data breaches extends even to businesses that assume they won’t be targeted. PCI compliance refers to the responsibility to abide by a standard enforced by the Payment Card Industry Security Standards Council (PCI SSC), which is made up of the major payment card brands: Visa, Mastercard, American Express, Discover, and JCB. The PCI Data Security Standard (DSS) is the Council’s set of mandatory technical and operational requirements intended to standardize and protect the handling of sensitive cardholder information. Any business that accepts credit card payments must abide by PCI standards and validate its compliance annually.
PCI compliance is achieved when you successfully pass an annual attestation in the form of a PCI audit. This includes the completion of a Self-Assessment Questionnaire (SAQ). With BQE ePayments, you don’t have to handle PCI compliance on your own. A program called SaferPayments provides your business with guided support for PCI compliance management. BQE ePayments automatically enrolls you in this program to ensure PCI compliance.
As part of your SaferPayments enrollment, you will receive automated emails about your portal, profile, and compliance status. These messages keep you on track for deadlines and renewal, help keep your network secure, and keep you in the know about all things PCI.
What is SaferPayments?
As a business accepting online payments and branded payment cards, you need to take a number of steps to protect your business and prevent an account data compromise. The SaferPayments program helps you take the steps you need to comply with the PCI DSS and protect your business. It is a payment protection solution that can help you save time and resources by taking on the complex responsibilities of fraud protection, security, and compliance against new and evolving threats to your clients. SaferPayments offers simplified PCI compliance, fraud protection, and data breach prevention, with security tools, services, and expert support that help businesses uncover risks, complete their PCI attestation, and reduce liability.
Who needs to opt for PCI compliance?
Any business of any size that stores, processes, or transmits credit card information must comply with the PCI DSS. The compliance requirements specific to your business depend on your annual transaction volume, which determines your PCI compliance level:
- Level 4: Fewer than 20,000 transactions per year
- Level 3: 20,000 to 1M transactions per year
- Level 2: 1–6M transactions per year
- Level 1: More than 6M transactions per year
What is the SaferPayments PCI certification process?
To help you understand the areas of your business that might be at risk, the process includes a security assessment and scanning. You will be asked questions about how your business is set up to handle credit and debit card payments. Please refer to the PCI Security Standards Council PCI DSS v4.0 Resource Hub for more information. You need to choose the assessment method by which you would like to demonstrate PCI DSS compliance: Self-Assessment Questionnaire (SAQ) or Attestation of Compliance (AoC). PCI requires that each merchant organization have an information security policy in place. If you do not already have a policy, a free template is provided for you to fill out and keep on hand. After your business profile is complete, SaferPayments will determine which SAQ type you are required to complete based on your answers.