The Payment Card Industry Data Security Standard (PCI DSS) was originally developed as Visa’s Cardholder Information Security Program (CISP) in 2001 and was subsequently updated and adopted in 2006 by all of the major card brands as an international standard. The PCI DSS consists of 12 high-level requirements and approximately 220 sub-requirements. All organizations that store, transmit, or process cardholder data must comply with the standard at all times. Cardholder data is defined by the card brands as consisting of the Primary Account Number (PAN) alone, plus other elements if they are stored with the PAN.
Certain companies may also be required to demonstrate compliance through completion of a self-assessment questionnaire or an onsite assessment and network scan. Achieving PCI DSS compliance can be a daunting task for those unfamiliar with the card brand rules.
Through its innovative solutions such as ProtectPay®, the MicroSecure Card Reader™, and Secure Payment Interface, ProPay is able to dramatically reduce or even remove the need to comply with many of the PCI DSS requirements. How is this done? By removing the storage, transmission, and processing of cardholder data, companies no longer have to comply with the PCI DSS requirements. As stated on page 5 of the PCI DSS, “PCI DSS, however, does not apply if PANs are not stored, transmitted or processed.”
For more information on the PCI DSS and the card brand security programs, visit the links below.
Payment Card Industry Security Standards Council