PCI Compliance

PCI DSS Compliance: Securing Your Online Transactions

Protect your business from cyber fraud.

What is PCI Compliance?

On September 7, 2006, five of the leading credit card associations founded the PCI (Payment Card Industry) Security Standards Council (SSC). Their goal, and the goal of PCI compliance, is to protect sensitive cardholder information from credit card fraud.

PCI SSC Founders | Participating Organizations
VISA International | Banks
MasterCard Worldwide | Merchants
American Express | Processors
JCB | Developers
Discover Financial Services | Point-of-Sale Vendors

When the PCI SSC took on the task of reducing the risk of fraudulent credit card use, it established the PCI Data Security Standard (PCI DSS). PCI DSS consists of 12 requirements and corresponding sub-requirements. PCI compliance means that participating organizations have met and are maintaining all of the PCI DSS requirements to protect credit cardholders from having their information stolen.

How can I become PCI compliant?

Making your business PCI compliant takes time, but is fairly easy. To become PCI compliant, you need to meet and maintain the following goals and requirements. The actual details of what you’ll have to do may vary depending on the size and nature of your business.

Goals and PCI DSS Requirements
Build and Maintain a Secure Network
  • 1. Install and maintain a firewall configuration to protect cardholder data
  • 2. Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
  • 3. Protect stored data
  • 4. Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
  • 5. Use and regularly update anti-virus software on all systems commonly affected by malware
  • 6. Develop and maintain secure systems and applications
Implement Strong Access Control Measures
  • 7. Restrict access to cardholder data by business need-to-know
  • 8. Assign a unique ID to each person with computer access
  • 9. Restrict physical access to cardholder data
Regularly Monitor and Test Networks
  • 10. Track and monitor all access to network resources and cardholder data
  • 11. Regularly test security systems and processes
Maintain an Information Security Policy
  • 12. Maintain a policy that addresses information security

Because PCI compliance requirements are not the same for all merchants, making certain you’re compliant can be tricky. To make your life a little easier, we offer McAfee® PCI Certification Service. It’s an easy-to-use system that helps Level 2, 3, and 4 merchants successfully complete the PCI DSS requirements. It includes:

  • Network configuration
  • Website scanning
  • Complete vulnerability remediation
  • Technical support
  • Online self-assessment questionnaire
  • PCI Wizard to help you manage compliance activities

The Cost of PCI Compliance

How much does it cost? If you purchase the McAfee® PCI Certification Service through Instabill, you’ll only pay $99 per year, a 65% savings. Sign up for McAfee’s PCI Certification Service today!

For more information about PCI compliance or the McAfee® PCI Certification Service, call us toll-free at +1 800-318-2713 or contact us online today.