{"id":59212,"date":"2024-05-21T17:21:55","date_gmt":"2024-05-21T16:21:55","guid":{"rendered":"https:\/\/softco.com\/?post_type=glossary&#038;p=59212"},"modified":"2024-05-21T17:21:59","modified_gmt":"2024-05-21T16:21:59","slug":"pci-compliance","status":"publish","type":"glossary","link":"https:\/\/softco.com\/uk\/glossary\/pci-compliance\/","title":{"rendered":"PCI Compliance"},"content":{"rendered":"\n<div class=\"wp-block-cover\"><span aria-hidden=\"true\" class=\"wp-block-cover__background has-background-dim-10 has-background-dim\"><\/span><img loading=\"lazy\" decoding=\"async\" width=\"1920\" height=\"960\" class=\"wp-block-cover__image-background wp-image-30043\" alt=\"\" src=\"https:\/\/softco.com\/wp-content\/uploads\/2022\/02\/Glossary-Term.jpg\" style=\"object-position:18% 49%\" data-object-fit=\"cover\" data-object-position=\"18% 49%\" srcset=\"https:\/\/softco.com\/wp-content\/uploads\/2022\/02\/Glossary-Term.jpg 1920w, https:\/\/softco.com\/wp-content\/uploads\/2022\/02\/Glossary-Term-300x150.jpg 300w, https:\/\/softco.com\/wp-content\/uploads\/2022\/02\/Glossary-Term-1024x512.jpg 1024w, https:\/\/softco.com\/wp-content\/uploads\/2022\/02\/Glossary-Term-768x384.jpg 768w, https:\/\/softco.com\/wp-content\/uploads\/2022\/02\/Glossary-Term-1536x768.jpg 1536w\" sizes=\"auto, (max-width: 1920px) 100vw, 1920px\" \/><div class=\"wp-block-cover__inner-container is-layout-flow wp-block-cover-is-layout-flow\">\n<h1 class=\"wp-block-heading has-text-align-center\" id=\"h-pci-compliance\">PCI Compliance<\/h1>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-group\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\"><\/div><\/div>\n\n\n\n<div class=\"wp-block-group has-white-background-color has-background\"><div class=\"wp-block-group__inner-container is-layout-flow wp-block-group-is-layout-flow\">\n<h2 class=\"wp-block-heading\" id=\"h-what-is-pci-compliance\">What is PCI Compliance?<\/h2>\n\n\n\n<p class=\"has-text-color 
has-link-color wp-elements-65dcd6f18791842751718b6d41fed6a6\" style=\"color:#1976d2\"><strong>Payment Card Industry (PCI) compliance means adhering to the set of security requirements and procedures defined by the PCI Data Security Standard (PCI DSS). The standard applies to every organization that stores, processes, or transmits cardholder data from credit, debit, or prepaid card transactions.<\/strong><\/p>\n\n\n\n<p>PCI DSS is maintained by the PCI Security Standards Council (PCI SSC), founded in 2006 by the major card brands American Express, Discover, JCB, MasterCard, and Visa. It lays out the technical and operational controls needed to prevent cardholder data from leaking and subsequently being misused.<\/p>\n\n\n\n<p>Since PCI DSS v1.0 was released in December 2004, organizations that handle cardholder data have been required to follow the standard to protect that data from misuse.<\/p>\n\n\n\n<p>The standard has evolved over the years to keep up with changing threats. PCI DSS v4.0 became the only active version when v3.2.1 was retired on March 31, 2024; its future-dated requirements, which count as best practice until then, become mandatory on March 31, 2025. All card brands require compliance with the current version. However, not every requirement applies to every organization: which controls are in scope depends on how your business handles card transactions, for example whether card data ever touches your own systems or payment processing is fully outsourced to a validated provider.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Is PCI Compliance Mandatory?<\/h2>\n\n\n\n<p>The card brands mandate PCI compliance contractually, through acquiring banks and merchant agreements. Legally, some US states (Minnesota, Nevada, and Washington) have written PCI DSS requirements into state law, making aspects of PCI compliance a statutory obligation there. 
Elsewhere, PCI DSS itself is not a legal requirement. Even where compliance is legally optional, failing to meet the standard can result in fines and penalties, higher processing fees, stricter oversight by the card brands and acquiring banks, and ultimately the loss of the ability to accept card payments.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Importance of Maintaining PCI Compliance<\/h2>\n\n\n\n<p>Any organization that processes card transactions or provides payment services should comply with PCI DSS. Compliance is necessary if you:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Are a payment processor<\/li>\n\n\n\n<li>Accept card payments<\/li>\n\n\n\n<li>Process card data on your own servers<\/li>\n\n\n\n<li>Store cardholder data or otherwise handle it on behalf of others<\/li>\n<\/ul>\n\n\n\n<p>Failing to comply with PCI DSS leaves cardholder data more exposed to compromise and can result in fines and penalties for your business.<\/p>\n\n\n\n<p>PCI compliance is not only a concern for merchants accepting customer payments: businesses using accounts payable automation should also consider these standards when selecting their software provider.<\/p>\n\n\n\n<p>Companies that automate payment processing should ensure that their payment service provider is PCI DSS compliant. Working with a validated provider reduces the risk of fraud for your organization and keeps cardholder data out of your own systems, which shrinks your assessment scope. Visa and MasterCard publish registries of validated service providers, and you can also ask a provider for its current Attestation of Compliance (AOC).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How Do I Become PCI Compliant?<\/h2>\n\n\n\n<p>Specific validation requirements vary by card brand. 
However, every organization must meet the 12 requirements defined by the <a href=\"https:\/\/listings.pcisecuritystandards.org\/documents\/PCI_SSC_Getting_Started_with_PCI_DSS.pdf\">PCI Security Standards Council<\/a>, which are grouped under six goals: build and maintain a secure network and systems, protect account data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test networks, and maintain an information security policy.<\/p>\n\n\n\n<p>Based on these guidelines, organizations can follow three steps:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Assess<\/strong>. Take stock of every business process and IT asset involved in handling card payments. Map where cardholder data enters, flows, and is stored (your cardholder data environment) and look for weaknesses that could expose it. Questions to ask include:\n<ul class=\"wp-block-list\">\n<li>Is the cardholder data environment segmented from the rest of the network, with network security controls such as firewalls restricting traffic into and out of it?<\/li>\n\n\n\n<li>Are systems kept patched, and is up-to-date anti-malware protection deployed?<\/li>\n\n\n\n<li>Is every user individually identified and authenticated with strong credentials, with multi-factor authentication for access into the cardholder data environment?<\/li>\n\n\n\n<li>Is any cardholder data stored that the business does not actually need, and is the data you do store protected with strong encryption or tokenization?<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Remediate<\/strong>. Fix the vulnerabilities identified in Step 1 and, where possible, remove cardholder data from systems that do not need it, which also reduces your compliance scope.<\/li>\n\n\n\n<li><strong>Report<\/strong>. Submit the compliance documentation that validates the work done in Step 2 (a Self-Assessment Questionnaire or a Report on Compliance, plus an Attestation of Compliance) to your acquiring bank and, where required, to the card brands (e.g., Visa, MasterCard, American Express, or Discover).<\/li>\n<\/ul>\n\n\n\n<p>PCI DSS compliance is a continuous obligation rather than a one-off audit. Organizations must validate annually, either by completing a Self-Assessment Questionnaire (SAQ) or by having a Qualified Security Assessor (QSA) produce a Report on Compliance (ROC), and most must also pass quarterly external vulnerability scans by an Approved Scanning Vendor (ASV). Which validation method applies depends on the card brand and on your merchant level, which is determined by annual transaction volume.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Stay PCI Compliant with SoftCoPay<\/h2>\n\n\n\n<p>As organizations upgrade accounts payable systems to make vendor payments faster and more efficient, payment security measures should keep pace. 
Combine <a href=\"https:\/\/softco.com\/uk\/solutions\/accounts-payable-automation\/\">AP automation<\/a> with PCI-compliant payment partners to strengthen protection against fraud, reduce the likelihood of a data breach, and protect your organization&#8217;s reputation.<\/p>\n\n\n\n<p>Make <a href=\"https:\/\/softco.com\/uk\/solutions\/softcopay\/\">SoftcoPay<\/a> part of your accounts payable automation process to increase visibility into invoices while settling vendor invoices faster and more seamlessly through secure channels that comply with PCI DSS.<\/p>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>What is PCI Compliance? Payment Card Industry (PCI) compliance refers to the adherence of an outlined&#8230;<\/p>\n","protected":false},"featured_media":0,"template":"","alphabetletter":[8740],"class_list":["post-59212","glossary","type-glossary","status-publish","hentry","alphabetletter-p"],"acf":[],"_links":{"self":[{"href":"https:\/\/softco.com\/uk\/wp-json\/wp\/v2\/glossary\/59212","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/softco.com\/uk\/wp-json\/wp\/v2\/glossary"}],"about":[{"href":"https:\/\/softco.com\/uk\/wp-json\/wp\/v2\/types\/glossary"}],"wp:attachment":[{"href":"https:\/\/softco.com\/uk\/wp-json\/wp\/v2\/media?parent=59212"}],"wp:term":[{"taxonomy":"alphabetletter","embeddable":true,"href":"https:\/\/softco.com\/uk\/wp-json\/wp\/v2\/alphabetletter?post=59212"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}