What is PCI DSS?
The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of mandates required by payment brands (Visa Inc, MasterCard Worldwide and other credit card brands) to ensure the protection of cardholders. All merchants who offer credit card acceptance MUST maintain compliance with the PCI DSS.
For the most up-to-date information, please visit http://www.pcisecuritystandards.org/ or http://usa.visa.com/merchants/risk_management/cisp_overview.html
For an online presentation, please download this PDF: https://www.pcisecuritystandards.org/pdfs/pci_ssc_quick_guide.pdf
What if you are not PCI DSS certified?
In the event of a breach, you may and will be responsible for fines of up to $500,000 per card brand. In addition to these fines, you would also be responsible for expenses such as legal fees, lawsuits, re-issuing fees and unauthorized fraudulent transactions. You will be required to have quarterly or annual audits with a minimum cost of about $5000.
What are your responsibilities?
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized. You must:

Build and maintain a secure network
1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect cardholder data
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks

Maintain a vulnerability management program
5. Use and regularly update anti-virus software or programs
6. Develop and maintain secure systems and applications

Implement strong access control measures
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data

Regularly monitor and test networks
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes

Maintain an information security policy
12. Maintain a policy that addresses information security for employees and contractors

Please fill out the following page and a CPMS business manager will call you.

Pricing:
It is necessary that a representative speak to you directly to determine your validation type as well as pricing. Once you've completed the above form, one of our consultants will contact you. Price ranges from $99 to $179, depending on your setup. Your package includes:
- 12-month service
- PCI approved external vulnerability scanning
- Online PCI Self-Assessment Questionnaire (SAQ)
- Scans performed automatically each quarter
- Unlimited rescanning
- Unlimited calls to customer/technical support
- Use of Site Certified logo
- Acquirer reporting