Who enforces PCI compliance?

As credit card data becomes increasingly vulnerable to cyber attacks, industry standards have worked to strengthen business security practices to better ensure the privacy and safety of customer data.

Credit card vendors American Express, Discover Financial Services, JCB International, MasterCard and Visa formed the PCI (Payment Card Industry) Security Standards Council with the goal of guiding merchants toward a uniform approach to securing credit card data. The resulting PCI Data Security Standards (DSS) lay out those expectations.

Who is responsible for holding businesses accountable for maintaining PCI compliance? Surprisingly, it isn't the PCI Security Standards Council. Although the Council develops and maintains the PCI DSS, it doesn't verify that businesses are following the rules. That responsibility falls to the five payment card brands: Visa, MasterCard, American Express, JCB International and Discover. Merchants agree to meet the PCI DSS as part of their contractual obligation with the credit card companies.

Each year, merchants who accept credit cards provide a third-party validation or self-assessment of their cardholder environment to their merchant service provider. The credit card brands then, at their discretion, apply penalties for non-compliance. Fines are levied against the acquiring banks that hold the credit (think Chase or Bank of America), and those fines are usually passed along to the violating merchant. Alternatively, the bank could choose to stop processing credit cards from the violating merchant or enforce an additional monthly processing charge as a penalty.

These rules and penalties apply to all merchants who accept credit cards. Online business ecommerce solutions, such as those offered through ZZ Servers, can help businesses achieve and maintain PCI compliance regardless of whether they have a brick-and-mortar store, operate solely online or do business in both environments.

As an ecommerce solutions provider, ZZ Servers offers PCI hosting packages for PCI Level 1, 2, 3 and 4 merchants. Fully PCI-enabled hosting environments are available to all levels of business. We can help you navigate the complex world of PCI compliance and make sure you hold up your end of the bargain.
