In 2006, Visa, MasterCard, American Express and Discover Associations got together to work out how to stem the rising incidence of theft of credit cardholders’ information. This resulted in what we today know as the PCI Data Security Standard, which consists of the rules all merchants must adhere to or risk losing their ability to process credit cards.
The PCI Data Security Standard is a 326 point program that covers the rules for all possible ways to process credit cards. Most merchants do not have the time or inclination to sort through this easily. To support your merchants, UMS banking put together a simple program that allows merchants to understand and fulfill their requirements.
UMS Banking undergoes an annual security audit to validate the company’s PCI DSS compliance to that of a Level One organization. Any company access to merchant card data is done within a PCI Compliant environment.
UMS created a PCI Compliance website, www.pcisite.com, which allows you to easily fulfill your yearly PCI requirements, in most cases in just a few minutes. If you have items that need handling, these are highlighted with what you need to fix, with tools to assist in the completion of these.
Part 1: Security Awareness Training
We make Security Awareness training easy for you with our “PCI Simplified” online course. This short course can be done at your convenience. It gives you a basic understanding of what PCI Compliance is and the key points of security you need to be aware of, and prepares you for the next step.
Part 2: Yearly SAQ’s Made Simple
An SAQ is a Self Assessment Questionnaire. The purpose of an SAQ is to allow you to self-validate PCI Compliance. You will fill this out when you sign up with UMS and renew it yearly.
There are several versions of the SAQs and the one that you need to do is based on your processing environment. PCISite easily and simply allows you to determine which SAQ to do.
Each SAQ has a set of security questions that need to be answered. The questions were written by and geared to IT people who understand computer networks, hardware and software. Naturally, most merchants are much more interested in their business than they are in those details. If you do not have this proficiency, it can be difficult to easily answer the questions. PCISite uses a combination of audio-visual support, plain English simplified questions, real-life examples, and graphics to translate the technical points to understandable questions.
Part 3: Security Templates
PCI Applications provide security policy templates to allow you to easily formulate a required security policy for your company without having to start from scratch.
Part 4: Breach Protection
Unfortunately, being diligent and completing an SAQ does not always prevent a data breach. Although you hear about the big breaches, it is the smaller merchant that represents the majority of security breaches.
In the event of a breach, you need a way to protect your business. UMS Banking provides this through offering you the option of breach protection. Breach protection covers the financial impact of an audit required by any card brand (such as Visa or MasterCard) when they suspect a breach has originated with your business and require an audit and/or damages. Card replacement costs, related expenses, and assessments and fines resulting from a data breach are covered. Coverage is up to $100,000.00.