Originally written by Geoff Forsyth on Small Business
PCI DSS compliance can often seem like a mountain to climb for small businesses, but that needn’t be the case. With the right knowledge and the right partners, it can be understood (and achieved) without much trouble at all.
What is the PCI DSS?
PCI DSS stands for Payment Card Industry Data Security Standard. It is an international security standard which was set up by the biggest names in the payment card industry (Visa, MasterCard, Discover, American Express and JCB) to help businesses process card payments safely and securely, helping them to avoid credit card fraud.
The standard enforces strict guidelines regarding the processing, storage and transmission of private cardholder data.
See also: 40% of the UK’s micro businesses do not accept card payments
Who needs to be PCI DSS compliant?
All companies that take credit card payments. If you accept, store, transmit or process cardholder data then PCI DSS applies to you. It doesn’t matter how large or small your business may be, you are obliged to comply with the standard.
What is PCI DSS Compliance?
PCI DSS sets out 12 requirements that merchants need to meet if they are to comply, as follows:
►Build and maintain a secure network
• Install