Why is it important to be PCI DSS compliant?
go-centric Ltd is PCI DSS Compliant. That means that we have been audited and certified by a third party, confirming that we are fully compliant with the standards set out by the Payment Card Industry Security Standards Council.
This commitment to PCI compliance gives our clients peace of mind that their customer card data is safe and in line with international standards of security. We have a separate and secure environment from which payments are received and made. This environment is tested on an ongoing basis to ensure it is impenetrable to attack, and risk is managed continuously.
The risk of non-compliance, apart from the reputational and organisational damage that could be caused by a potential breach of PCI compliance, is that there are some real financial penalties that can be passed on to an organisation should a case of fraud be uncovered. The fines from the payment brands are discretionary in value. Non-compliance will result in card scheme fines being passed on to you, monthly non-compliance fines, and/or termination of your card processing facilities. The costs involved after a data security breach can be extremely high.
We can take the risk and effort away from our clients in terms of compliance, and with a proactive service, maximise the volume of payments collected.
The PCI Security Standards Council recently published an updated version of the Special Interest Group information supplement Protecting Telephone-Based Payment Card Data. The new guidance explores the potential risks and security challenges associated with telephone-based card payment environments. We liked the interview they published with Jean-Louis LaMacchia, Standards Development Manager and Chair of the Protecting Telephone-Based Payment Card Data Special Interest Group, discussing the guidance.