The Payment Card Industry Data Security Standards (PCI DSS) are industry security rules set by the major card brands to protect credit card information.
Who are the PCI Players?
- American Express, Discover, JCB, Mastercard and Visa
- They define compliance programs and enforcements
- Assess fines and penalties
PCI Security Standards Council:
- Maintain the PCI DSS standard
- Processes merchant payments card transactions
- Responsible for merchant compliance with PCI DSS
Merchants (C-Store Operators) and Service Providers:
- Accept credit cards therefore store/process/transmit card data
- Must comply with PCI Rules
- Qualified Security Assessor companies are independent security organization that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS
- Clark has partnered with Controlscan to be the QSA for all locations
Who Has to Comply with PCI DSS?
- All merchants and service providers who store, transmit, or process cards must comply with all requirements
As a Merchant what do I have to do?
- Login to your ControlScan account (see ControlScan section below) and complete the following:
- Annual questionnaire
- Quarterly scan, if processing over the internet
For more information about PCI compliance, visit www.pcisecuritystandards.org.