PCI DSS: What do I need to do?
Shortly after you join Retail Merchant Services, you will receive an email regarding your annual PCI Compliance. This will include a brief self-assessment questionnaire, which will guide you step-by-step through becoming compliant and must be completed and submitted online by you.
Important note: It is a requirement that all businesses must renew their PCI DSS certificate on an annual basis in order to remain compliant and avoid non-compliance fees from the acquirer.
You will receive annual reminders to renew your PCI DSS certificate, giving you peace of mind and ensuring you avoid non-compliance penalties.
PCI DSS compliance explained
Payment Card Industry Data Security Standard (PCI DSS) is a global security initiative designed to protect your business, your customers and the banks. Created by the major card schemes, PCI DSS is a set of mandatory requirements that apply to all businesses taking credit and debit card payments, regardless of their size or transaction volume.
When a customer makes a card payment face-to-face via a chip and PIN machine, over the phone or online they are entrusting your business with their financial and personal information. Equally, you’re trusting them to be the legitimate cardholder and be exactly who they say they are.
Protection for your business and security for your customers
Every business that accepts, transmits or stores important cardholder data must be compliant to ensure processing and storage is secure, protecting against fraud and other financial crime. Being compliant will not stop fraudsters targeting your business, but it will place you in the strongest position to prevent an attack and avoid the financial and reputational damage that can occur as a result.
What you will gain from being PCI compliant
We recommend that all merchants comply with PCI standards, as it gives advantages to businesses of all sizes, including: Increased peace of mind over data security, a demonstrable high regard of customers’ security and an essential component of any vulnerability management plan.
Failure to comply could result in financial penalties in the event of data compromise from within your organisation. If you are unable to demonstrate PCI DSS compliance, you may be liable for any losses that arise.
Call us for further advice
The set of standards can be found on the PCI SSC’s website.
For further advice on how to become PCI DSS compliant please contact our Customer Service team.