• (775) 229-4254
  • support@itmsnv.com
Information Technology Professionals

Call Today (775) 229-4254

Industry Standard Resources

What is the Payment Card Industry Data Security Standard (PCI DSS)?

PCI DSS (or just PCI, for short) was established in 2004 by the five founding brands of the PCI Security Standards Council: American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc. The objective of PCI is to increase controls on payment (debit/credit) card data to reduce organizations’ exposure to payment card theft.

The process of validating PCI compliance varies based on an organization’s annual payment card transaction volume. Merchants that process more than 6 million Visa and/or MasterCard transactions or more than 2.5 million American Express transactions annually (categorized as level 1 merchants) must hire a PCI Security Standards Council-approved qualified security assessor (QSA) to conduct an annual assessment, which results in a Report On Compliance (ROC). Merchants that process fewer payment card transactions annually (level 2, 3 and 4 merchants) may validate compliance by completing a Self-Assessment Questionnaire (SAQ).

THEWEBWhether self-assessing or submitting to a QSA-driven assessment, an organization whose payment systems are networked must submit quarterly vulnerability scans of its Internet-facing systems, performed by an Approved Scanning Vendor (ASV). To determine whether a vendor is an ASV, connect to: https://www.pcisecuritystandards.org/approved_companies_providers/approved_scanning_vendors.php.

Although PCI isn’t law, payment card companies enforce compliance by providing more-favorable exchange rates and/or imposing contractual penalties and sanctions, including revocation of a merchant’s right to accept their brand of payment cards.

Click here to access all PCI documentation

Client Testimonials

We found IT Master Services several months ago when we were in crisis mode. In the most professional manner imaginable, Mark was able to alleviate our fears and establish a completely smooth transition from our former IT company. We have found him to be sincere, dedicated and knowledgeable. His solutions have been practical and his recommendations to be excellent. I have nothing but the strongest of recommendations to give.

John F.
Sparks, Nevada