Merchants have been fined millions of dollars by the networks for not keeping their data secure.
When was the last time you wrote a credit card number down on a sticky note, or maybe an invoice or piece of paper? What do you do with those pieces of paper? Who has access to them? Are they in a tray on someone’s desk?
Do you…
- Have faxes coming into a room that is not secure?
- Handle e-mails with credit card account numbers?
- Receive mailed-in forms with credit card account numbers?
- Shred not only the top sheet, but the one underneath it, as well?
- Run background checks on every employee who has access to credit card account numbers?
What is PCI (DSS)?
- PCI DSS stands for Payment Card Industry Data Security Standards. It is most often referred to as PCI. The leading credit card networks formed the Security Standards Council and created the PCI standards to ensure customer data is safeguarded.
- Another common term is PA DSS, which stands for Payment Application Data Security Standards.
- PCI sets the compliance standards for the merchant.
- PA DSS sets the compliance standards for terminals, gateways, POS systems, etc.
Who must comply?
- All merchants must be PCI compliant. It does not matter whether a merchant runs one transaction or one million transactions a year; what changes is the set of requirements that apply.
What are the risks?
When data is stolen from a merchant, the merchant is responsible for:
- Up to $500,000 per data security incident
- Up to $50,000 per day for noncompliance with published standards
- All fraud losses incurred from compromised account numbers
- The cost of re-issuing cards associated with the compromise
- The suspension of the merchant account
Where does MRC fit in?
MRC assists merchants with…
- Required annual filings
- Validation of processor
- Education on and execution of the 12 required standards
- Validation of PIN entry device
- Validation of dial terminals
- Validation of POS/Gateways
Spend your time and energy growing your profits and let MRC help you protect them.
