Credit card data security standards

The credit card industry maintains the Payment Card Industry Data Security Standard (PCI-DSS). The PCI-DSS requirements help organizations proactively protect credit card information from being compromised.

The PCI-DSS requirements apply to all system components within the payment application environment; that is, any network device, host, or application included in or connected to a network segment that stores, processes, or transmits customer cardholder data (CHD) and other payment data related information.

PCI compliance must be obtained by you, the merchant, as an assessment of your actual server (or hosting) environment. Obtaining PCI compliance is the responsibility of you, the merchant, and your hosting provider, working together, using PCI-compliant server architecture with proper hardware and software configurations and access control procedures.

With the CenPOS token system, CHD is no longer stored on your system, allowing you to maintain PCI DSS compliance, and reducing your scope for that part of a PCI compliance audit.

For more information on PCI compliance, including specific requirements, visit the Official PCI Security Standards Council Site.