WDTalk

 I read an interesting thread this morning about PCI compliance. As a merchant, I have some knowledge of PCI regulations, but not as much as I should. I leave that to more knowledgeable members of our staff (COO, legal and accounting departments). It seems the rules are constantly changing, so much so that I wonder how many small hosts keep up with all these changes and new requirements. In the posts that followed this thread, misconceptions ran rampid. One member even posted he was proud to be non-compliant. OUCH! I don’t think I’ll go there.  The fines for being non-compliant are astronomical!

With so many breaches of credit card security lately, it was inevitable change was forthcoming. I’m certainly not an expert on the topic, so I leave you with some links to sites that clarify PCI compliance. Enjoy!

Industry Links:

• pcisecuritystandards.org
• pcisecuritystandards.org/saq/instructions.shtml
• pcisecuritystandards.org/security_standards/ped/index.shtml
• pcisecuritystandards.org/security_standards/pa_dss.shtml
• usa.visa.com/download/merchants/cisp_what_to_do_if_compromised.pdf
• mastercard.com/us/sdp/index.htmlPayment Card Industry Data Security Standard – Wikipedia, the free encyclopedia
• Approved Scanning Vendorsamericanexpress.com/merchant
• Society of Payment Security Professionals – Payment Security Blog wikipedia.org/wiki/PCI_DSSTreasury Institute PCI/DSS Blog Redirect
• pcisecuritystandards.org/pdfs/pci_qsa_list.pdf
• pcisecuritystandards.org/pdfs/asv_report.html