Retail Pro - Serious Software for Serious Retailers

Archive for February, 2010

2010 – The year of PCI DSS Compliance

Posted in PCI on February 25th, 2010 by Kevin Connor - RPI

This year weighs heavily on the minds of many retailers who have not yet taken the appropriate measures to ensure their point of sale systems and their retail environments adhere to the Payment Card Industry (PCI) Data Security Standards (DSS) requirements (https://www.pcisecuritystandards.org/). July 1, 2010 marks the deadline mandated by the world’s major credit card companies – Visa, MasterCard, Discover, AMEX, and JCB – for merchants who store, process or transmit payment cardholder data to have a PABP/PA DSS compliant payment application in place.

The use of a compliant point of sale application is required for a merchant’s own PCI compliance. Those who do not obtain some level of compliance under the PCI DSS may be subject to fines from their banks, or in some extreme cases may have their ability to process credit cards revoked by their banks.

The threat of financial repercussions is spurring many retailers to take action sooner rather than later. The process for obtaining compliance can vary depending on a merchant’s validation level as defined by the major credit companies and the PCI Council. Visa and MasterCard, for example, provide guidelines for four distinct merchant validation levels. A merchant’s first step toward meeting the deadline for compliance is determining which merchant validation level they fall within. While each of the major companies provides detailed information on these levels, an overview of each can be found at http://www.pcicomplianceguide.org/merchants-20071022-gaining-pci-compliance.php.

Given a merchant’s desire to keep their customers’ data secure and their business PCI compliant, combined with the pace at which regulations and technology change, meeting the deadline for PCI compliance in their point of sale system can seem an all but impossible task. Retail Pro International’s point of sale system provides a secure retail management system for retailers to aid them in maintaining a secure environment for their customers’ payment information. To learn more about how Retail Pro International and the Retail Pro software application can help you with your PCI concerns, contact us today at info@retailpro.com or visit us at http://www.retailpro.com/solutions/PCICompliance.php.


PCI DSS – An Overview

Posted in PCI on February 16th, 2010 by Kevin Connor - RPI

What is PCI?

The beginning of the twenty-first century has seen such a sharp rise in consumer payment information fraud that the need for a standard for proactive protection was all but inevitable. Enter the Payment Card Industry (PCI) Data Security Standards (DSS).

The PCI DSS are technical and operational requirements established by the PCI Security Standards Council (PCI SSC). They apply to all payment card network members, merchants and service providers that store, process or transmit cardholder data, with specific guidance for software developers and manufacturers of applications and devices used in payment card transactions. The PCI DSS affects all payment channels, including retail (brick-and-mortar), mail/telephone order and e-commerce.

The Council is responsible for managing the security standards, while compliance* with the PCI set of standards is enforced by the founding members of the Council: American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Participating organizations include merchants, payment card issuing banks, processors, developers and other vendors. Compliance with the PCI DSS helps these organizations alleviate some of the vulnerabilities they face, protect cardholder data, and ensure consistent data security measures on a global basis.

* Compliance requirements vary depending on geographical location and on a merchant’s level in the eyes of the Payment Card Industry. Detailed information about these levels can be found at https://www.pcisecuritystandards.org/.

Why Seek Compliance?

Often a merchant will claim they do not need to be PCI compliant because “they know their system is secure”. It is these scenarios that substantiate the need for a set of guidelines that a merchant can follow to ensure their business does maintain effective measures to protect credit card information from being breached within their network. Failure to do so can have a very severe impact on a merchant’s business, ranging from heavy financial impact and fines to negative public press and impact on their customers and their card information.

The protection of credit card information extends far beyond just ‘knowing’ your systems are secure. There are many facets to system security that will affect a merchant’s potential for a breach that extend above and beyond their Point of Sale system. Basic operational functions such as email and Internet access can result in the Internet-accessibility of a company’s network. These seemingly insignificant paths to and from the Internet can provide unprotected pathways into a merchant’s system and can potentially expose credit card information and cardholder data if not properly monitored and controlled.

How do you get Compliance?

A merchant’s compliance begins with understanding that the security of credit card information will be the responsibility of all who have access to their systems, from the IT department to their general floor staff – each individual plays a role.

These roles are not limited to just those within your organization. One of the key roles in obtaining your compliance is that of an independent Qualified Security Assessor (QSA) and/or an Approved Scanning Vendor (ASV). The QSAs/ASVs are instrumental in outlining where a merchant should begin in relation to PCI DSS compliance. Visit the PCI SSC’s site for the list of approved vendors at https://www.pcisecuritystandards.org/.

How can Retail Pro Help You with PCI?

PCI Compliance is a continuous process. Retail Pro International, a Point of Sale and Inventory Control software developer, has taken great measures to ensure all Retail Pro users have available to them a POS application which protects their payment information and aids in the process of maintaining PCI compliance. To learn more about how Retail Pro International and the Retail Pro software application can help you with your PCI concerns, contact us today at info@retailpro.com or visit us at http://www.retailpro.com/solutions/PCICompliance.php.
