Businesses that keep payment data security practices up to date and top of mind reduce the risk of falling victim to several common types of fraud and data breach events.
Your first line of defense is annually validating compliance with the Payment Card Industry Data Security Standard (PCI DSS). There are 12 goals, along with additional standard security requirements, that ensure best practices are in place to process, store and transmit debit and credit card data responsibly.
Why is annual validation so important?
PCI DSS validation only reflects a single point in time. As your business evolves (training, policies, processes, points of sale, technology), so must your payment data security precautions. That is why it is critical to keep up with periodic reviews and revalidate your compliance in a timely manner.
Payment acceptance environments whose controls are not kept up to date, continuously enforced and monitored are easy targets for criminals.
PCI DSS version 4.0 goes into effect April 1
Last year, the Payment Card Industry Security Standards Council (PCI SSC) published an updated PCI DSS version 4.0 that goes into effect April 1. The previous version 3.2.1 will be retired at that time.
PCI DSS version 4.0 includes significant changes that place a greater emphasis on security as a continuous process rather than an annual snapshot exercise. It also promotes fluid data management practices that integrate with a business’s overall approach to payment data security and compliance.
To ensure a smooth transition, we recommend beginning your validation process early and validating to the new 4.0 standard. For customers enrolled in our PCI Compliance Manager program, the platform will be updated to align to the 4.0 standard.
We will release helpful information in the coming weeks. Meanwhile, visit the PCI DSS document library for more information.
Compliance management support
If you’re unsure of where to start or if your validation has lapsed, your Customer Account Manager can help you get back on track. Your account manager can also tell you more about our PCI Compliance Manager program designed to make PCI DSS compliance validation easier.
This article originally appeared in Elavon’s Payment Smart newsletter.