Level 1 Service Provider PCI Compliance
PowerPay is recognized as a Level 1 Service Provider compliant with the PCI Data Security Standard (DSS), as advised under the program rules of both Visa and MasterCard for validated Service Providers. Level 1 Service Providers must adhere to the strictest data security standards and must undergo and document an annual on-site PCI Data Security Assessment and quarterly vulnerability scans.
PCI Certificate (PDF)
Working with You to Protect Your Business and Your Customers
Payment Card Industry (PCI) compliance refers to a set of data security guidelines designed by the Payment Brands specifically to keep customers’ account data from being compromised. As technology aimed at breaches evolves, and instances of theft continue to increase, data security is more important than ever. PowerPay is dedicated to working with you to protect your customers and your operations by helping you ensure that your business is PCI compliant.
The Importance of PCI Compliance
Businesses that are PCI compliant not only help protect their customers’ information but also project a positive and trustworthy business image and build success by developing a high level of customer confidence. By being PCI compliant, you will help protect your business from breaches that can lead to significant fines, penalties, liability issues, a loss of productivity, and severe damage to business reputation. While following PCI requirements does not guarantee 100% protection against a breach, being PCI compliant does increase data security and helps protect businesses from easily avoidable threats.
The Responsibility of Merchants and Service Providers
The area of PCI compliance that applies to merchants is called the PCI Data Security Standard (PCI DSS). The PCI DSS consists of 12 requirements developed by the PCI Security Standards Council. Any merchant or service provider (e.g. payment gateway, shopping cart, web hosting company) that accepts, handles, stores, or transmits credit card information is required by the Payment Brands to validate PCI compliance every year. Validate PCI compliance by following the steps outlined on the PCI compliance website. Once complete, please submit your validation documentation to PowerPay’s PCI Compliance Team. Compliance requirements continue to evolve as businesses change and new data security threats emerge.
Taking the steps to be PCI compliant on an ongoing basis will help you maintain a high level of security for your business and your customers. PCI validation may be required annually, but being PCI compliant is required at all times. Businesses must have ongoing monitoring plans in place to ensure they maintain compliance all of the time, not just one day each year to answer a questionnaire. Failure to keep up PCI compliance after validation has been identified as a leading factor in breaches, significantly increasing the risk for both merchants and service providers.
Questions?
Please read our Frequently Asked Questions or contact the PowerPay PCI Compliance Team.
*PowerPay does not endorse any links included on the website, and information is subject to change at any time. PowerPay believes this information to be valid and current, but cannot guarantee it as other entities such as PCI Security Standards Council, Payment Brands and others may change the information provided without notice.

Did you know?
A new brand of criminals known as “Carders” exists and focuses on stealing credit card information.
This type of organized crime was responsible for over 90% of 285 million private data compromises in 2008.
(Source: Verizon Business Data Breach Report)
26% of U.S. consumers have received data breach notifications from organizations holding their personal data.
(Source: Javelin Strategy and Research)
PowerPay is a registered MSP/ISO of: HSBC Bank USA, National Association, Buffalo, NY. ©2010 All Rights Reserved.
