With losses due to credit card fraud costing UK businesses £341 million in 2011 companies that process credit and payment cards are being required to comply with the Payment Card Industry (PCI) Data Security Standard they are keeping their customers’ card details secure, according to David Salisbury of IT consultants 2e2.
“Every business that takes credit card payments has to comply with the PCI’s data Security Standards,” explains David Salisbury. “Businesses are divided into four categories according to the volume of transactions they undertake. Although the PCI doesn’t require all businesses to have their processes audited by a Qualified Security Auditor (QSA), our experience shows that doing so can bring a great deal of comfort to companies , particularly as card details are a valuable commodity to criminals, who use a wide range of methods to get hold of them.”
2e2 recently undertook a full QSA audit of the Channel Islands Co-operative Society’s payment systems and processes. Because of the volume of transactions the Society handles, it fully supports the PCI and wishes to be sure that its customers’ payment details were fully secure.
“Following the audit it was clear that the Co-op have all the controls necessary to a standard that ensures their PCI compliant status,” said David. “The strong commitment from the board level down to protecting their customers’ cardholder data is reflected in the keen awareness and effort that all staff have put in to ensure that the controls are implemented and maintained effectively. This continued effort ensures that customers’ cardholder data remains appropriately managed across the Society.”
David Rees, Society Secretary for ‘The Channel Islands Co-Operative Society Ltd’ said, “Having 2e2’s QSA externally audit our procedures gave the board great confidence that the controls we had put in place are meeting the requirements to protect our customers’ credit card details. 2e2’s process was painless and efficient in allowing us to audit our processes and we look forward to working with them in the future”.
For further information on PCI please contact email@example.com with the subject ‘PCI’ or call 0844 2250526.