From small businesses to large corporates, compliance with PCI DSS is essential to all companies that process payment card transactions, whether online or offline.
Figures released this month show that credit/debit card usage in the UK has topped 1 billion transactions per month for the first time (that’s over 375 per second). During 2013, payment card data was targeted in 61% of information security breaches investigated.*
Payment Card Industry Data Security Standard (PCI DSS) compliance is not optional; PCI DSS is a set of standards designed to protect companies and end users from credit card theft. The standard includes 12 requirements that form a framework for secure payment environments.
Blue Chip has achieved certification as a PCI DSS Level 1 Service Provider for the provision of managed hosting services and has been certified against the latest version of the standard (v3.0). Version 3.0 was released in November 2013, and in 2015 it will become mandatory for all PCI DSS certified organisations to be validated against it.
Blue Chip has been certified against the latest version and can offer the full range of managed service PCI DSS options to customers. The majority of PCI DSS Service Providers will only offer 2 of the 12 high-level requirements (9 and 12), which leaves the remainder of the sub-requirements for customers to deliver themselves.
As PCI DSS compliance is a fundamental set of requirements to protect against financial losses, our clients utilising this methodology gain a number of business benefits, including the creation of a trustworthy reputation, higher levels of customer confidence through the promotion of compliance status, and increased digital security for the protection of sensitive information and customer data.
The new 3.0 version has 100 additional controls and more evidentiary support requirements. For existing providers on v2.0, the bar’s just got higher!
*Sources: Trustwave 2013 Global Security Report; Verizon Data Breach Investigations Report 2013