PayJunction and PCI Compliance Go Hand-in-Hand
PCI compliance is an important part of having a merchant account. The PCI Compliance Guide website states that it is “a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially any merchant that has a Merchant ID (MID).” This protects a business and the business’s customers from security threats. There are four different levels of PCI Compliance, levels 1-4. PayJunction, a merchant services provider, is Level 1, which is the highest level. To learn more about PayJunction and its PCI compliance, visit here.
Businesses that obtain their merchant services account through PayJunction will still need to be compliant themselves. The good news, however, is that PayJunction’s services do cover some of the PCI requirements.
Self-Assessment Questionnaire
To be recognized as compliant, merchants must complete a Self-Assessment Questionnaire (SAQ), self-validating their processes regarding cardholder data. It should be completed every year and can be found on the PCI Security Standards Council’s website at www.pcisecuritystandards.org. It is highly recommended that every business be PCI compliant. However, PayJunction does not actively verify whether or not this is the case. Therefore, it does not impose any fees for the SAQ, which saves businesses money.
Scanning
In addition to completing the annual Self-Assessment Questionnaire, businesses processing credit cards should also scan their network IP address and their web domains on a quarterly basis. These external network and domain scans verify that the business’s infrastructure is safe. These non-intrusive scans are a lot like inspecting a castle wall: you walk around the entire castle looking for holes or weak spots where the enemy could break in. If your IT network has holes, you’ll fail the scan. If your IT network is secure, you’ll pass the scan. PayJunction does not actively verify whether merchants participate in scanning, and thus there are no fees associated with it. Many other credit card processors, such as Elavon, First Data, Vantiv, and iPayment, impose monthly fines if the scans are not performed and registered with the processor or the processor’s Approved Scanning Vendor (ASV).
Cyber Security
The security protocols you use at your business are vitally important for protecting your customers’ payment card information. In 2017, there were 1,765 data breaches nationwide. 90% of data breaches impact small businesses. If you accept credit cards, then you’re a target for hackers. The average cost of a data breach is 3.62 million dollars! You can avoid this by having a competent IT (Information Technology) services provider. If you’re a small business, you likely won’t have a designated IT department. So instead, we recommend you hire a professional IT firm to oversee your cybersecurity and PCI Compliance.
Thinking of doing your cybersecurity yourself? We don’t recommend it. But if you insist, you can start by familiarizing yourself with this 139-page manual: Payment Card Industry Data Security Standard.
Looking for an IT services provider in Colorado Springs? We endorse Firma IT Solutions. They were voted “Best in Business 2017” as the #1 Cyber Security Company in Colorado Springs, CO.
Cyber Liability Insurance
Do you have $3.62 million in your checking account set aside as a reserve to cover your losses from a potential data breach? We think not. Even if you have an excellent cybersecurity company managing your IT infrastructure, you still need cyber liability insurance. Your business is run by humans, and humans make mistakes. Enjoy the peace of mind that comes with a cyber liability insurance policy. It’s usually a nominal cost to add it onto the general liability policy your company probably already has.
Looking for a cyber liability insurance provider in Colorado Springs? We endorse the Scott Anderson Insurance Agency. They are also endorsed as a local insurance provider by financial guru Dave Ramsey.
An Important Step
PCI compliance is an important step for the present and future of a business’s credit card processing. PayJunction is a skilled, technologically advanced company that can help your business get secure and stay secure.