Visa and MasterCard have made important changes to merchant acceptance as part of a proposed settlement for merchants located in the U.S. and U.S. territories. For more information click here.
Stolen cardholder account data is a major concern for all participants in the payment industry - consumers, merchants and financial institutions and processors. Merchants and financial institutions often suffer unanticipated operational expenses resulting from data hacking and fraud. To better protect your business, your customers, and the integrity of the payment system, each of the card companies has in place a set of requirements governing the safekeeping of account information.
When consumers offer their bankcard at the point of sale, over the Internet, on the phone, or through the mail, they want assurance that their account information is safe. Visa and MasterCard have aligned their cardholder data protection programs to protect cardholder data - wherever it resides - ensuring that members, merchants, and service providers maintain the highest information security standard.
Recently, the PCI Security Standards Council developed a standard set of standards for payment applications called PA-DSS. The goal is to help software vendors and others develop secure payment applications that do not store prohibited data, such as full magnetic stripe, other sensitive authentication data or PIN data, and ensure their payment applications support compliance with the PCI DSS.
PCI-DSS Compliance - Secure Your Business:
All merchants are required to comply with the Payment Industry Data Security Standards (PCI-DSS) and all payment applications must be certified and validated annually. Non-compliance may result in additional costs and expenses for your business. To help protect your business, Elavon's PCI Compliance Program makes learning about PCI and validating compliance simple:
- Visit our PCI website, http://www.paymentstart.com/secure, for PCI education and tips on protecting cardholder data. You'll find an overview of PCI, a comprehensive list of Frequently Asked Questions (FAQ), and links to industry resources. You can also access our Visa� and MasterCard� accredited Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV).
- Choose your payments environment online and access a portal to complete the annual Self- Assessment Questionnaire (SAQ), a validation tool that helps you meet compliance requirements.
- Complete the SAQ filing with assistance from our ASV that provides POS/PMS system scanning software and services to validate compliance, produce the required transaction analysis reports, and help you understand the requirements.
- Contact our dedicated Elavon PCI customer support line for answers to your questions and guidance throughout the validation process.
PCI DSS validation isn't just for merchants! As a Service Provider in the payment processing industry, Elavon is also required to validate PCI compliance on an annual basis. Click below for details on our PCI DSS validation.
For more information please visit:
- If a merchant wants further proof of compliance for Elavon's PCI-DSS certification they can go to: http://www.visa.com/splisting/searchGrsp.do and view Visa's Global Registry of Service Providers - PCI DSS Validated Entities.
- If a merchant wants proof of any of Elavon's applications' PA-DSS compliance they can go to: https://www.pcisecuritystandards.org/approved_companies_providers/vpa_agreement.php, search by company (Elavon) and view all of Elavon's PA-DSS compliant applications.
- Card Truncation
- Merchant Data Security
- Visa - Cardholder Information Security Program (CISP)
- MasterCard - Site Data Protection (SDP)
- Payment Application Data Security Standard (PA-DSS)