The Payment Card Industry Data Security Standard (PCI DSS) is a global data security standard designed to protect the confidential information of payment cards against theft.

Who should be PCI DSS Compliant?

Since 2006, most large organizations are now PCI DSS compliant. The acquirers are responsible for ensuring that all merchants, even the smallest ones, are compliant. This includes service providers, processors, merchants but also any entity that stores, processes or transmits cardholder data. When a credit card payment is processed, PCI DSS applies.

In order to avoid risks and penalties, all organizations, regardless of their size, must implement security measures, undergo training and obtain their PCI DSS Attestation of Compliance (AOC) when accepting credit cards.

Who is ACCEL PCI and how we can help you?

ACCEL PCI helps small merchants obtain their PCI DSS Attestation of Compliance (AOC) and implement guidelines and processes that allow them to minimize the risks of theft associated with handling credit card data.

This process is rigorous and subject to annual renewal. ACCEL PCI provides a web platform that guides merchants through all the steps to obtain their Attestation of Compliance, through:

• An orientation form to help merchants determine which Self-Assessment Questionnaires (SAQs) to fill out;

• Pre-filled SAQs to assist merchants in their decision-making and compliance process.

ACCEL PCI also reviews each step and guides merchants throughout the process to help them obtain their Attestation of Compliance (AOC) and avoid unnecessary penalties, all under the supervision of Qualified Security Assessors (QSAs).

In a nutshell, ACCEL PCI helps companies take steps to secure payment information and data through training, technical support and a security audit (complementary service).

What is a QSA and an AOC?

The PCI Security Standards Council has created a network of franchisees to help merchants to comply. These franchisees are called "Qualified Security Assessor (QSA)". ACCEL PCI uses a method designed by QSAs to help merchants comply in a very efficient way. At the end of the compliance process, ACCEL PCI issues the Attestation of Compliance (AOC). The AOC is the document that merchants must file with the acquirer to demonstrate compliance.

PCI DSS Levels

Level 1 - More than 6,000,000 MasterCard or Visa transactions per year

Level 2 - More than 1,000,000 MasterCard or Visa transactions per year

Level 3 - More than 20,000 MasterCard or Visa transactions per year

Level 4 - All other merchants

For Level 1 merchants, a detail audit performed by a Qualified Security Assessor (QSA).

For Levels 2 to 4, the ACCEL PCI Self-Assessment Questionnaire (SAQ) can be completed online. However, there are different levels of SAQ and these must be understood.

This is why ACCEL PCI offers an orientation form that guides merchants to the right SAQ. In addition, ACCEL PCI offers pre-filled SAQ to assist merchants in their decision-making and compliance with the PCI DSS standard.