

Safe, secure and reliable payment processing since 1997




PCI Compliance Information

PCI DSS is compulsory for processing card payments


PCI compliance means meeting the Payment Card Industry Data Security Standard (PCI DSS), which the card schemes mandate to protect cardholders and transaction details. According to payment brand rules, all merchants accepting credit card payments are required to comply with the PCI Data Security Standard in its entirety.


Our payment gateway is robust and feature rich, and if you are storing account information, we can provide you with custom tokenization solutions that will significantly reduce your PCI compliance liability.


TrustWave
Amber Sail
ControlScan





What is PCI compliance and why does it matter?

Who are the PCI Security Standards Council?

What is the standard exactly?

What if I don't want to become PCI compliant?

If a merchant is found to be not PCI compliant, what are the consequences?

What part of the standard is mandatory and what is voluntary?

How do I become compliant?

How much does it cost to become compliant?

Isn't this just another way of getting more money out of businesses?

Can you afford €5,250 in fines? Don't let it happen to you!

What now?

 


What is PCI compliance and why does it matter?


If you own an online shop, bank online or use credit and debit cards, there is a very good chance that you have heard the term "PCI compliant." However, you probably don't know what it means.

The term "PCI compliant" is heard more and more these days as data breaches at merchants like TK Maxx, eBay, Adobe and British Airways land hundreds of thousands of card details in the hands of criminals. These criminals use the data to make purchases and withdraw money from the accounts of unsuspecting victims.

It's a huge and growing problem. More than 80% of data stolen in breaches is payment card data, according to the 2014 Verizon Business Data Breach Report.

Don't let it happen to you!




Who are the PCI Security Standards Council?


The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (DSS), the Payment Application Data Security Standard (PA-DSS), and the PIN Entry Device (PED) Requirements.




What is the standard exactly?


It's the PCI Data Security Standard, where PCI stands for Payment Card Industry. It's a set of 12 specific requirements that cover six different goals. It's very prescriptive: it says not only that you need to be secure but also how to become secure. It's more about security than compliance.



 

What if I don't want to become PCI compliant?


If you decide not to become compliant then you can still open an account with us. However...

If you are not compliant with the Payment Card Industry Data Security Standard (PCI DSS), you will be responsible for any losses through fraud, and may also face considerable fines. Your customers will suffer if their card details are compromised. Your business reputation will suffer as a result.

Taking responsibility for PCI compliance forms part of your merchant Terms & Conditions.

Don't let it happen to you!



 

If a merchant is found not compliant, what are the consequences?


90% of consumers don't understand the difference between credit card fraud and identity theft. If they hear that their credit card has been stolen, many of them believe their identity is at risk. If that's the case, many of your customers won't shop with you anymore because they are afraid you are not protecting their data and someone is going to steal their identity. That's the worst thing that can happen: the biggest problem would be if your customers walk away. There is also reputational damage to deal with, which 9 times out of 10 cannot be measured in terms of money.




What part of the standard is mandatory and what is voluntary?


It's all mandatory. Nothing is voluntary. The rule is if you store, process, or transmit credit card data you must be compliant with the PCI standards. And that's a global rule.




How do I become compliant?


You can become compliant by using an assessor. To see the current list of PA-QSAs recognized by the PCI Security Standards Council, please see below. Alternatively, search online for 'PCI compliant assessors'.


Please note, the PCI Security Standards Council maintains an in-depth program for security companies seeking to be certified as Payment Application Qualified Security Assessors (PA-QSAs), as well as to be re-certified as PA-QSAs each year.

We do not take any responsibility for third-party websites and/or services.




How much does it cost to become compliant?


If you would like help with becoming compliant, prices vary from company to company. However, the average price is around £150. If you would simply like to self-assess, then this is free.

Please note that with our Standard Account, PCI compliance is FREE. For our High Risk & Adult accounts we recommend ControlScan.




Isn't this just another way of getting more money out of businesses?


Not at all. This is for the benefit of all concerned. 80% of all online fraud occurs using stolen or misused payment details. No matter where you go to become PCI compliant (except for self-assessment), you will have to pay a fee.



 

What now?


For more information, including FAQs, please visit www.pcisecuritystandards.org



 

Don't let it happen to you!


If you are not PCI DSS compliant, €5,250 is the minimum amount that the card schemes could fine you. If fraudsters get their hands on your customers' payment card data, this amount will increase.

If your data is compromised, card issuers may also require you to certify your compliance within 90 days by using a Qualified Security Assessor. Typical cost is £850 per day, with assessments taking up to two weeks.

Card issuers may also insist on an investigation by a Qualified Forensic Investigator. Typical cost is £850 per day. An investigation could last for 10 days. You could also be liable for other costs, including card replacements.

Don’t be left counting the cost of non-compliance.

What could your business do with €5,250?

  • Buy equipment for expansion?

  • Replace aging computer equipment?

  • Run a promotional advertising campaign to drive growth?

  • Lease a new van?

  • Spruce up your premises?

  • Give bonus payments to hard-working staff – or to yourself?

  • Or pay a fine for non-compliance?

 

 



Web-Merchant Services Limited © 1997 - 2017 - Company Registration No. 03919014

Fully compliant with the Payment Card Industry Data Security Standard (PCI DSS). NCA Approved. Anti-Money Laundering Registration No.12709698. Data Protection Reg No. Z3544745
MasterCard ® is a registered trademark of MasterCard International Inc. Visa ® is a registered trademark of Visa International Service Association.
