PCI DSS: What do I need to do?

Important Note

It is a requirement that all businesses must renew their PCI DSS certificate on an annual basis in order to remain compliant and  avoid non-compliance fees from the acquirer. 

Payment Card Industry Data Security Standard (PCI DSS) is a global  security initiative designed to protect your business, your customers  and the banks. Created by the major card schemes, PCI DSS is a set of  mandatory requirements that apply to all businesses taking credit and  debit card payments, regardless of their size or transaction volume.

When a customer makes a card payment face-to-face via a chip and PIN machine, over the phone or online  they are entrusting your business with their financial and personal  information. Equally, you’re trusting them to be the legitimate  cardholder and be exactly who they say they are.

Every business that accepts, transmits or stores important cardholder  data must be compliant to ensure processing and storage is secure,  protecting against fraud and other financial crime. Being compliant will  not stop fraudsters targeting your business, but it will place you in  the strongest position to prevent an attack and avoid the financial and  reputational damage that can occur as a result.

We recommend that all merchants comply with PCI standards, as it  gives advantages to businesses of all sizes, including: Increased peace  of mind over data security, a demonstrable high regard of customers’  security and an essential component of any vulnerability management  plan.

Failure to comply could result in financial penalties in the event of  data compromise from within your organisation. If you are unable to  demonstrate PCI DSS compliance, you may be liable for any losses that  arise.

Our Partners