What is PCI Compliance & How Does it Impact my Business?
If you work in an industry where credit card payments are likely a daily occurrence for your business, you’ve probably heard the term “PCI compliance”. You may have wondered how it impacts your business and what you need to do to make sure you’re meeting the requirements. We’ve outlined the basics below to help you better understand this important topic.
What is PCI (Payment Card Industry) compliance?
PCI compliance relates to the guidelines developed by the PCI Security Standards Council. The Council was created by the five major credit card brands - MasterCard, Visa, American Express, Discover, and JCB. The goal of the Council is to protect credit card data globally. The Council helps merchants, financial institutions, and vendors understand and abide by these guidelines.
Who does this set of standards apply to?
Any business that handles credit card data is responsible for keeping that data secure. This includes businesses that process, store, or transmit credit card information.
How can a business determine if they are compliant?
Depending on the volume of transactions your business completes annually, you’ll fall into one of four levels of compliance. Smaller businesses must complete a self-assessment questionnaire and may be required to have quarterly PCI scans. Larger businesses may also need to have quarterly scans, and are required to have an annual internal audit conducted by a qualified PCI auditor.
It’s important to not just pass an audit or self-assessment annually but to continuously monitor your controls.
How has ThinkReservations committed to PCI compliance?
ThinkReservations completes an annual audit performed by a qualified PCI auditor and regularly scans our controls to ensure ongoing compliance.
When it comes to handling credit card data, ThinkReservations uses tokenization. This means credit card numbers are never stored within ThinkReservations and can never be compromised from within your account. Your business has access to these cards for conveniently taking payments or refunding when needed without exposing your sensitive customer data.
Where can I learn more about PCI compliance?
The PCI Security Standards Council has a comprehensive website dedicated to helping businesses understand and comply with these important guidelines.
We look forward to helping you discover new ways to grow your business!