PCI (Payment Card Industry) Compliance is a set of standards upon which the major credit card companies have agreed to protect personal information and ensure security when transactions are processed using a payment card. Over the next few years, all parties involved in credit card transactions will be required to be PCI compliant.
MemberClicks is certified as a Level 1 Service Provider. This means that we have been certified onsite by a Qualified Security Assessor and have to meet the highest level of scrutiny.
What does it take to be PCI compliant?
In brief, to be PCI compliant, a vendor must meet these six standards:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
MemberClicks has met all six standards for compliance.
Does my technology vendor have to be PCI compliant?
In a word, YES. Even if you choose not to go with MemberClicks for your payment processing needs, you should choose a vendor who is certified to be PCI compliant.
What happens if my technology vendor is not PCI compliant?
If your technology vendor is not PCI compliant, then your organization won’t be compliant either. You may face fines or even the suspension of your ability to accept credit card payments.
Can a vendor be partially PCI compliant?
No. A vendor is either fully compliant or not at all.