
What is PCI Compliance?

Payment Card Industry (PCI) compliance is a set of standards that governs credit card processing security for any institution, business, or other entity that runs transactions through branded credit or debit cards (Visa, Mastercard, Discover, and American Express). PCI compliance ensures that businesses are doing their due diligence to protect cardholder or customer data and reduce credit card fraud.

Though many states don’t have laws requiring PCI compliance, the credit card industry does have many regulations regarding cardholder security. As such, anyone who takes credit or debit card payments must follow the PCI rules. PCI compliance standards are implemented and monitored by the Payment Card Industry Security Council.

Becoming PCI compliant not only protects your business and customer data, but it can also help you avoid hefty fees from card brands if a data breach occurs.

PCI Compliance Doesn’t Have to Be Scary

PPS makes it easy for our clients to become PCI compliant. Working with our PCI partner, SecureTrust, we will walk you through the process of becoming and staying compliant and help you identify particular needs and considerations for your business. Depending on your business model (i.e. card-present or card-not-present), you may need to answer a questionnaire and perform a scan of your environment. If at any time you have questions or run into a problem, you can email us at [email protected] or call us at 720-600-2229 for help.

In addition to working with Pyxis, there are a few things you can do right now to improve security.

More Resources on PCI Compliance and Security

Payment Cards

There are four major card brands used in the United States: Mastercard, Visa, American Express, and Discover. Each card brand supports a variety of unique card features among its various card types. For more information on these features, click the links below.

Mastercard 

Visa

American Express

Discover

P2P Encryption

While there are many ways to protect customer data, point-to-point encryption (which effectively masks sensitive data, like the card number, as it moves through the transaction process) is among the most highly regarded methods. This can help reduce fraud and intrusions from malicious activity such as hacking.

Tokenization

Tokenization is the process of replacing sensitive cardholder data with a non-sensitive equivalent called a token. The token has no value or meaning outside of the secured tokenization system, rendering it useless to bad actors.

Hosted Payment Page

Any business with a merchant services account through Pyxis Payments can take advantage of our customized payment webpages. This is an especially great solution for a non-profit organization, property-management company, or any business that uses recurring billing.

Fraud Management Tools

PPS Payments employs many fraud management tools to assist business owners in protecting their information from data thieves, from customizable protections for business owners using payment gateways or virtual terminals to point-to-point encryption and tokenization. We’re here to help you decide the best way to protect your business.