INDEPENDENT RETAILER magazine is now the official news outlet for Wholesale Central visitors.
Dec 1, 2007
by Christopher Heine
If a company processing, storing or transmitting credit card numbers is not PCI DSS compliant, it risks losing the ability to process these payments. Noncompliant firms potentially face fines of up to $500,000 per incident. Even if a company has made strides toward compliance, the job is never quite finished. Merchants and service providers must regularly validate compliance with an audit by a PCI DSS Qualified Security Assessor (QSA) company.
Ecommerce firms are left in a bit of a quandary, as they must find products or technologies that can help them meet the standard's requirements. This is made more difficult by the fact that no product is PCI compliant; compliance is met by members, merchants or service providers, not by products. There is no single product, service or technology that can address all aspects of the standard, leaving the affected parties to search for a variety of tools to create a solution.
When evaluating solutions to comply with the standard, organizations should consider two key criteria: first, whether the product can help achieve compliance with the standard, and second, whether the product itself is secure and addresses various aspects of PCI DSS. The technical language of this subject can intimidate marketers and business operators and drive them away from the problem rather than toward attacking it head on. But it is imperative that you check out the end of this article to see which service providers can help. Without question, getting started on this problem sooner rather than later is recommended.
Marketers need to educate themselves about the problem before beginning discussions with services vendors. Talk to your IT team and find out their views. Go over what is known about the problem. Even though the dilemma is complicated, the PCI DSS standards can be summarized in 12 parts:
PCI Security Standards Council, LLC
401 Edgewater Place, Suite 600
Wakefield, MA 01880
Vendors to contact for more info:
915 South 500 East Suite 200
American Fork, UT 84003
860 Napa Valley Corporate Way, Suite R
Napa, CA 94558
Toll Free 877-302-9965
OPNET Technologies, Inc.
7255 Woodmont Avenue
Bethesda, MD 20814
1801 North Glenville Drive
Richardson, TX 75081
Toll Free 866-233-7569
Customer support: 866-433-7569
120 N LaSalle Street, Ste. 1250
Chicago, IL 60602
487 East Middlefield Road
Mountain View, CA 94043
Ecora Software Corp.
2 International Drive
Portsmouth, NH 03801
8320 Old Courthouse Road, Suite 201
Vienna, VA 22182
5 Clock Tower Place, Suite 400
Maynard, MA 01754
Toll Free: 800-231-8224
Entire contents ©2021, Sumner Communications, Inc. (203) 748-2050. All rights reserved. No part of this service may be reproduced in any form without the express written permission of Sumner Communications, Inc. except that an individual may download and/or forward articles via e-mail to a reasonable number of recipients for personal, non-commercial purposes.