PCI DSS compliance and data security

Safeguard your business, and your customers’ data

Keep your customers’ payments and data secure and protect your business from cyber attack

The Payment Card Industry Data Security Standard (PCI DSS) is a set of international requirements that businesses must adhere to when processing card payments. The standard defines several levels of compliance, depending on the type of products or services your business offers, online or offline.

PCI DSS compliance can be complicated and challenging. However, at Ezidebit, we aim to help our customers navigate the standard by providing tools that help increase your security and keep you compliant.

What is PCI DSS compliance?

A single purchase made by a credit or debit card or electronic payment passes through a complex system of banks, card brands and payment processors. The Payment Card Industry Data Security Standard (PCI DSS) was created by the five major card brands - Visa, Mastercard, Discover, American Express and JCB International - to provide a consistent set of standards for processing, handling and storing this sensitive credit card information.

The main goal of the PCI DSS is to ensure that every time a customer’s debit or credit card information is handled, regardless of the number of transactions processed, their data is handled with maximum security. These standards cover the whole transaction process, and are designed to combat data breaches and fraud.

The Merchant Trust Initiative

Our commitment to helping you meet your PCI DSS obligations.

We’ve developed a program called the Merchant Trust Initiative (MTI) to help our merchants meet their PCI DSS obligations. The MTI is a supportive, hands-on program that helps business owners navigate the complex, ever-changing world of online security.

This program offers a range of tools and information to help protect businesses against the most common data threats, including templates, webinars, blogs, educational materials and support. By implementing the program, you’ll be protecting not only your business, but also the important, confidential information of your customers.

Frequently Asked Questions

What is PCI DSS Compliance?

The Payment Card Industry Data Security Standard (PCI DSS) was created to ensure there is a consistent set of standards for the processing, handling and storing of sensitive credit card information. PCI DSS compliance can be extremely complicated and challenging. However, at Ezidebit, we aim to help our customers navigate the standard by providing tools that help increase your security and keep you compliant.

Which businesses are required to be compliant?

Every business that handles card payments, from major enterprises to the smallest businesses, regardless of size or transaction volume, must ensure it is compliant with the requirements of the PCI DSS. Not doing so may result in suspension from processing cards from certain providers. By staying compliant with PCI DSS requirements, you can be confident that you are doing the right thing by your customers.

How do I know if I’m already PCI DSS compliant?

If you accurately complete a yearly assessment of your PCI DSS status using a Self-Assessment Questionnaire (SAQ), and the assessment shows you have no outstanding actions, then you are PCI DSS compliant. If you have a portal or e-commerce website, this also includes providing evidence of quarterly vulnerability scans from a PCI SSC Approved Scanning Vendor (ASV).

Can I opt out of the initiative?

It is mandatory for all merchants who accept credit cards to be compliant with the PCI Data Security Standard, regardless of their size or how they accept payments. Compliance is not limited to completing a Self-Assessment Questionnaire (SAQ); it requires a number of steps and regular scans to ensure obligations are met. This is where the Merchant Trust Initiative helps you simplify the steps in the process. If you are already able to show your compliance through another provider, or choose to opt out, use the opt-out form. The form outlines your obligations as a customer of Ezidebit, so please ensure you understand and meet all of these requirements before opting out.

I thought by being with Ezidebit, I was already PCI DSS compliant?

Ezidebit is a Level 1 PCI DSS compliant business. However, before any card data enters our systems, merchants have their own obligation to protect that card information. This is part of the reason we launched the Merchant Trust Initiative - to educate merchants and increase awareness of these obligations, leading to better cybersecurity and data protection practices.

What are the penalties for PCI DSS non-compliance?

Fines for PCI DSS non-compliance can range from $5,000 to $100,000 per month per violation.

How long do I have to become compliant?

You will have 12 months to complete your certification using the SecureTrust PCI Manager.

Where can I get more information about the card scheme rules around PCI DSS compliance?

Each of the card schemes has rules that apply to the different members of the payment card industry supply chain. The following list of card scheme members links to their specific rules.
  • Visa
  • MasterCard
  • American Express
  • Discover Financial Services
  • JCB International