The Payment Card Industry Data Security Standard (PCI DSS) is a global data security standard to protect confidential payment card information against theft.

Who should be PCI DSS Compliant

Since 2006, most large organizations are now PPCI DSS compliant. The acquirers are responsible in the structure to make sure that all merchants, even small ones, are getting compliant. This includes service providers, processors, merchants, acquirers, and issuers, but also any entity that stores, processes or transmits cardholder data. When payment through credit card is handled, PCI DSS applies.

What is Accel-PCI and how can it help?

Accel-PCI helps small merchants achieving compliance and put in place some guidelines and processes for any entity handling credit card data to take measures to minimize their risks through PCI DSS. In order to avoid risks and penalties, all organizations of any size handling credit cards need to put security measures in place and go through training to become PCI DSS compliant.

This process is not easy, and certification needs to be renewed yearly. With Accel PCI, we provide a tool that will guide you through all the steps to achieve your certification but also help your organization handle the payments in a more secure way through trainings and support, but also through IT security audit when necessary. Accel PCI also reviews every step and guides you through your process to obtain your Attestation of Compliance (AOC) and avoid unnecessary penalties, all under the supervision of Certified Qualified Security Assessors (QSA).

What is a QSA and an AOC?

The council created a network of Franchisees to help merchants getting compliant. Those are called QSA or Qualified Security Auditor. Accel-PCI uses a method designed by QSAs to help merchants get compliant in a very efficient way. The document to be filed to the acquirer by the merchant to demonstrate its compliance is called Attestation of Compliance or AOC.

PCI DSS Levels

Level 1 - more than 6,000,000 MasterCard or Visa transactions per year

Level 2 - more than 1,000,000 MasterCard or Visa transactions per year

Level 3 - more than 20,000 MasterCard or Visa e-commerce transactions per year

Level 4 - all other merchants

For Level 1 merchants, a complex audit must be performed by a Qualified Security Assessor (QSA).

For Levels 2 to 4, a Self Assessment Questionnaire (SAQ) can simply be completed. However, there are different levels of SAQ and these need to be understood.

Accel PCI proposes a survey-style questionnaire that will guide you, the merchant, towards the right SAQ, and offer assistance in completing your SAQ.