
Compliance

Supporting you in reaching PCI compliance

If you process, store or transmit credit card payments, your organisation must become PCI DSS (Payment Card Industry Data Security Standard) compliant.

PCI DSS provides mandated guidelines for the storing of cardholder details, including credit card number, cardholder name and card expiry date.

PCI DSS has been developed by Visa and MasterCard for organisations processing credit card payments. It is designed to prevent credit card fraud due to hacking and various other forms of misuse of cardholder details.

The level of compliance for your business depends on the number of transactions you are processing (or expect to process).

PCI best practices

The key practices you need to achieve are to:

  • Build and maintain a secure network
  • Protect cardholder data
  • Maintain a vulnerability management program
  • Implement strong access control measures
  • Regularly monitor and test networks
  • Maintain a policy that addresses information security.

Achieving PCI Compliance

The objective of PCI DSS is for you to become 'PCI Compliant'. Depending on the volume and type of transactions you process it may be mandatory for you to undertake two of the following three tasks.

Mandatory tasks (two of the following)    Required period
On Site Audit                             Annually
Vulnerability Scan                        Quarterly
Self Audit Questionnaire                  Annually

These are required to be conducted by a qualified independent scan vendor such as www.scanalert.com.au.

Find out more
Contact us
  • For more information on reaching PCI compliance call 1800 804 411, 8:30am - 5:00pm, Monday to Friday