Learn what it means to be a part of the Payment Card Industry
The steps to becoming PCI compliant begin with a willingness to learn along with an understanding of what PCI compliant is and is not. PCI compliance is not a guarantee that you will never have a data breach, it is not a simple checking of boxes. PCI compliance is implementing layers of security that make it increasingly more difficult for cybercriminals should they try attempt to attack you.
To become PCI compliant you must follow these steps:
● Communicate clearly with your Acquiring bank to understand specific deadlines for compliance and required reporting processes.
● Understand all of the ways your organization interacts with cardholder data. For example, how does your organization handle and process credit cards? Are you storing credit card information?
● Gather contact information for all of your thirdparties that are involving in the handling, processing, or storage of your customer’s cardholder data. This may include POS vendors, web hosts, data centers, etc.
● Understand how many individual credit card transactions your organization processes annually (per card brand) and what merchant level your organization falls under. Information along with your methods of interacting with cardholder data help determine what requirements you will need to validate for compliance.
● Contact Protocol to provide a thorough review of your PCI compliance needs.