What is PCI Compliance and what does it mean for Parking operators?
In 2006, the major payment cards (Visa, MasterCard, American Express, Discover and JCB International) developed the Payment Card Industry Data Security Standards (PCI DSS), a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. When properly implemented and maintained, these security standards combat the risk of hackers and fraudulent charges.
While the PCI Council developed the framework for cardholder security, it’s up to all merchants, both small and large, to build and maintain a secure network and systems. If a cardholder’s information becomes compromised, it can result in more than a merchant or operator’s tarnished reputation. It can lead to fraud losses, diminished sales, fines and penalties, legal costs, and more.
Best Practices of PCI DSS Compliance
The best way to protect the safety of cardholder data is to make sure that the data is continually secure, from the moment a credit card reader captures data to when it flows into the payment system.
To achieve PCI DSS compliance, a merchant or operator must take on the monstrous task of completing 12 requirements broken into 6 groups of various technical and operational tasks.
This is significantly different from using a PA DSS certified system or application. This level of certification simply implies that the system or application can support your own PCI-compliance program. There is simply no equivalence between PCI DSS and PA DSS certification.
How FlashParking Simplifies and Streamlines PCI DSS Compliance and Maintenance
At FlashParking, we are committed to delivering PCI DSS compliant technology that takes the burden away from our customers. Our system is PCI DSS certified as a Level 1 Service Provider, which means we ensure that a payment processing system can handle millions of transactions daily in a reliable and safe environment. It is the highest level of PCI compliance available.
We do so by building and maintaining secure networks and systems. As soon as a customer swipes his/her credit card, the information stored on the credit card is encrypted at the head of the credit card reader and sent over to the payment gateway. We never store credit card information on our system, but all other data, such as transaction records, is stored in the Microsoft cloud.
We are experts at providing PCI DSS compliance for all equipment, hardware and software. An operator still has minimal responsibilities for maintaining compliance – you must develop a security policy and train employees to check the credit card reader once a week to make sure that a skimmer hasn’t been installed on the device. Designed to look just like a credit card reader, a skimmer captures data before it goes into the real credit card reader. Once an employee verifies that the credit card reader is free of a skimmer, it’s business as usual in a secure environment.