Are you PCI compliant?

What is PCI and Why is it Important

The Payment Card Industry (PCI) Data Security Standard (DSS) was created to help protect cardholder data that is processed, stored or transmitted by merchants. All merchants—regardless of type or size—that accept payment cards must comply with the PCI DSS.

By complying with this standard, you can help minimize the opportunity for loss and related fees that can result from a data breach. However, understanding what these standards mean to your business and what you need to do to bring your business into compliance can be confusing and overwhelming.

How Alliance Bankcard Can Help

Minimizing the confusion and simplifying PCI compliance is where Alliance Bankcard comes in. As your payment processing provider, we are committed to giving you the clarity, education and support you need to achieve compliance and safeguard your business and the confidence of your most valued asset—your customers.

Simplified PCI self-assessment questionnaires have been designed specifically for Alliance Bankcard merchants.

​If Alliance Bankcard is your merchant services provider, you are required to complete and submit a PCI questionnaire

​Once we receive your completed questionnaire, we will review the results and contact you with your compliance status. If a merchant is not compliant, Alliance Bankcard will provide the information and support needed to bring their business into compliance.

Key Standards for All Merchants

​Whether you’re a merchant that processes with Alliance Bankcard today or not, there are several key areas all merchants should address in their business practices. The following information is a high-level review of these areas:

PCI Data Security Standard

Protect Cardholder Data

  • Make sure all receipts truncate the cardholder's account number.
  • Protect stored data, including electronic data, your customers' sales slips and your receipts.
  • Store copies of all sales receipts in a secure manner.
  • If you destroy sales receipts, make sure they are unreadable.
  • Give the carbon copy of the sales receipt to your customer.
  • Encrypt transmission of cardholder data and sensitive information across public networks.

Build and Maintain a Secure Network

  • Install and maintain a firewall configuration to protect data.
  • Do not use vendor-supplied defaults for system passwords and other security parameters-create your own unique password(s) and never give it to anyone.

Maintain a Vulnerability Management Program

  • Use and regularly update anti-virus software.
  • Develop and maintain secure systems and applications.

Implement Strong Access Control Measures

  • Restrict access to data to only those that need to know it for a business purpose.
  • Assign a unique ID to each person with computer access.
  • Restrict physical access to cardholder data.

Regularly Monitor and Test Networks

  • Track and monitor all access to any network resources and cardholder data.
  • Regularly test security systems and processes.

Maintain an Information Security Policy

  • Maintain a policy that addresses information security.