BAMS offers everything new and experienced merchants alike need to ensure that their customers’ sensitive payment data is always as safe as possible. We provide every one of our merchants with expert guidance through the sometimes complex process of becoming fully PCI compliant.
Part of establishing PCI compliance and maintaining it year in and year out is filling out an annual PCI self-assessment questionnaire (SAQ). These questionnaires are designed to accomplish two goals: to help businesses identify weaknesses that need to be dealt with and to help prove to institutions that a company is compliant. But not all companies handle credit cards in the same way, so PCI has put together nine different versions of the SAQ. The difference in length and complexity between the shortest and longest versions is extreme – 22 questions versus 329. As a result, it’s important that companies select the proper SAQ for self-assessments because choosing poorly could result in under-analysis or, alternatively, a lot of unnecessary work. Below is a quick review of each SAQ version to help with proper selection.
Let’s talk about PCI Compliance. In the summer of 2019, it came out that Capital One – a credit card issuer itself – fell victim to a hack that exposed the data of 100 million cardholders and applicants. That might seem extreme, but it’s only the latest in a series of high-profile security breaches that have resulted in the theft of personal data. In 2018, Marriott discovered a years-long breach that exposed the data of 500 million customers. In 2014, a breach exposed the data of 56 million Home Depot customers, and a year before that, Target was hit with a hack that exposed 110 million customers. Other household names that have fallen victim to hacks in that time have included Yahoo, Adobe, eBay, Sony, and more.
Plastic is now the payment method of choice for consumers across the globe, and accepting card payments is no longer optional for serious businesses. Unfortunately, a number of myths surrounding payment processing still muddy the waters and keep some businesses from taking the leap. Those myths are generally rooted in old information from a time when getting set up to accept credit cards wasn’t all that easy, but those days are long gone. Here are four of the most persistent of those myths, and how they diverge from the reality of modern payment processing.
PCI compliance is one of the most important factors in establishing safe online transaction processing, but many business owners and managers know very little about it. Most either assume that it doesn’t apply to them or that they already have it – whatever it is. But e-commerce software and online payment solutions aren’t PCI compliant by default, and it’s essential that companies accepting credit card payments – both online and off – understand the basics of PCI compliance and the many benefits that it provides.