The Payment Card Industry Data Security Standards (PCI DSS) are industry security rules set by the major card brands to protect credit card information.
Who are the PCI Players?
Payments Brands:
- American Express, Discover, JCB, Mastercard and Visa
- They define compliance programs and enforcements
- Assess fines and penalties
PCI Security Standards Council:
- Maintain the PCI DSS standard
Acquirers:
- Processes merchant payments card transactions
- Responsible for merchant compliance with PCI DSS
Merchants (C-Store Operators) and Service Providers:
- Accept credit cards therefore store/process/transmit card data
- Must comply with PCI Rules
QSA:
- Qualified Security Assessor companies are qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS
Who Has to Comply with PCI DSS?
- All merchants and service providers who store, transmit, or process cards must comply with all requirements
As a Merchant what do I have to do?
- Login at https://go.clarkbrands.com/aperia and complete the following:
- Annual questionnaire
- Quarterly scan, if applicable
For more information about PCI compliance, visit www.pcisecuritystandards.org.