Guaranteeing the security of payment card transactions is a priority for all of us today. For that reason, the entities that enable such transactions implement advanced solutions that keep both our private data and the funds in our bank accounts safe. One of them is the PCI DSS certificate. What is it, and why is it so important to us?
Read about what PCI DSS is.
Year after year, consumers are becoming more aware of how important it is to secure their sensitive data. This can be seen in the results of the “Lost in Transaction: Consumer payment trends 2022” study, which indicates that as many as 70% of the 11,000 surveyed individuals from 10 European countries do not want to share their financial data online. Meanwhile, 62% of respondents feel anxious when they are not asked for additional security information before making a payment.
The solution aimed at reducing consumer concerns is PCI DSS (Payment Card Industry Data Security Standard). It is a set of requirements designed to ensure maximum protection of data collected on our payment cards. This standard was developed in 2006 by the PCI Security Standards Council, established by payment organizations such as Visa, MasterCard, American Express, Discover, and JCB. It genuinely reduces the risk of data loss, identity theft, and other fraud.
Which organisations must comply with PCI DSS requirements?
Today, all companies dealing with payment card services are obliged to comply with PCI DSS standards, regardless of their size and the stage at which they handle cards. This means that such a certificate must be held by all:
It is worth emphasising that entities that do not comply with the standards set out in PCI DSS face serious consequences. They risk not only financial penalties but also exclusion from participation in card services, which in turn damages the company’s image and credibility.
Requirements necessary to obtain a PCI DSS certificate:
A company that is interested in obtaining a PCI DSS certificate is obliged to meet 12 requirements that allow for the protection of payment card data at every stage of their processing in the network. These requirements have been divided into 6 main control objectives:
Meeting such strict requirements is not easy. For this reason, we can be sure that those organisations that can boast of having a PCI DSS compliance certificate provide very high standards of payment data security at every stage of their processing.