PCI-DSS Compliance

Payment Card Industry (PCI) Data Security Standard (DSS) was developed in response to acquirers, merchants, and service providers' need for a standard, best practice to safeguarding sensitive data.

Officially announced in January 2005, PCI-DSS was co-written by Visa and MasterCard and endorsed by the other leading card schemes. Today, an entity may achieve compliance to multiple card scheme specific, mandated security programs through a single validation mechanism and standard, the globally accepted PCI Data Security Standard.

Non-compliance

Card schemes may enforce the standards with financial penalties for non compliance. In extreme circumstances, the acceptance privileges of a merchant or service provider may be revoked if compromised and non compliant.

The 12 PCI Standards

The payment card industry has established a standard set of requirements for governing the safekeeping of cardholder information throughout the transaction process. The PCI DSS is applicable to all/any entities (not restricted to e-commerce) that store, process or transmit cardholder data. What are these standards?

Parties Requiring Compliance 

As a Payment Service Provider, GlobalCollect is a level 1 compliant company. GlobalCollect has been fully and independently audited as meeting the highest standards of the Payment Processing Industry. Merchants using GlobalCollect’s online WebCollect with a Customer Link or with a Call Center Application and do not handle card details themselves are already covered by GlobalCollect’s compliance. Customers using WebCollect Merchant Link or customers handling card details themselves will need to undertake a separate PCI compliance procedure.