If you process, store or transmit credit card payments, your organisation must become PCI DSS (Payment Card Industry Data Security Standard) compliant.
PCI DSS provides mandated guidelines for the storing of cardholder details, including credit card number, cardholder name and card expiry date.
PCI DSS has been developed by Visa and MasterCard for organisations processing credit card payments. It is designed to prevent credit card fraud due to hacking and various other forms of misuse of cardholder details.
The level of compliance for your business depends on the number of transactions you are processing (or expect to process).
The key practices you need to achieve are to:
The objective of PCI DSS is for you to become 'PCI Compliant'. Depending on the volume and type of transactions you process, it may be mandatory for you to undertake two of the following three tasks.

| Mandatory tasks (two of the following) | Required period |
| --- | --- |
| On Site Audit | Annually |
| Vulnerability Scan | Quarterly |
| Self Audit Questionnaire | Annually |
These are required to be conducted by a qualified independent scan vendor such as www.scanalert.com.au.