In 2006, Visa, MasterCard, American Express and Discover Associations got together to work out how to stem the rising incidence of theft of credit cardholders’ information. This resulted in what we today know as the PCI Data Security Standard, which consists of the rules all merchants must adhere to or risk losing their ability to process credit cards.
The PCI Data Security Standard is a 326 point program that covers the rules for all possible ways to process credit cards. Most merchants do not have the time or inclination to sort through this easily. To support your merchants, UMS banking put together a simple program that allows merchants to understand and fulfill their requirements.
UMS created a PCI Compliance website, www.pcisite.com, which allows your merchants to easily fulfill their yearly PCI requirements, in most cases in just a few minutes. If the merchant has items that need handling to ensure they are secure, it highlights these and tells him what he needs to do, with tools to assist in their completion.
Part 1: Security Awareness Training
We make Security Awareness training easy for merchants with our “PCI Simplified” online course. This short course can be done at a merchant’s convenience. It gives them a simple understanding of what PCI Compliance is and the key points of security they need to be aware of, and prepares them for the next step.
Part 2: Yearly SAQ’s Made Simple
An SAQ is a Self Assessment Questionnaire. The purpose of an SAQ is to allow a merchant to self-validate PCI Compliance. Merchants fill these out when they sign up with UMS and renew yearly.
There are several versions of the SAQs and the one the merchant needs to do is based on his processing environment. PCISite easily and simply allows your merchant to determine which SAQ they need to do.
Each SAQ has a set of security questions the merchant needs to answer. The questions were written by and geared to IT people who understand computer networks, hardware and software. If a merchant does not have this proficiency, it is difficult for them to easily answer the questions. PCISite uses a combination of audio-visual support, plain English simplified questions, real-life examples, and graphics to translate the technical points to understandable questions.
Part 3: Security Templates
PCI Applications provide security policy templates to allow merchants to easily formulate their security policy without having to start from scratch.
Part 4: Breach Protection
Unfortunately, being diligent and completing an SAQ does not always prevent a data breach. Although you hear about the big breaches, it is the small merchant that represents the majority of security breaches.
In the event of a breach, your merchants needs a way to protect their business. UMS Banking provides this through offering breach protection to your merchants. Breach protection covers the financial impact of an audit required by any card brand (such as Visa or MasterCard) when they suspect a breach has originated with your merchant and require an audit and/or damages. Card replacement costs, related expenses, assessments and fines resulting from a data breach are covered. Coverage is up to $100,000.00 for the merchant.