The title comes across much scarier than it actually is. Let’s start with the question: what is PCI DSS? PCI DSS stands for Payment Card Industry Data Security Standard. This means that the Payment Card Industry has established certain standards and compliance requirements that must be met and maintained in order to keep a secure environment for cardholders. This covers a cardholder’s sensitive data and information, such as the cardholder’s name, account numbers, expiration dates, and card verification code (CVC).
In addition to the mandatory standards and compliance above, a merchant that uses payment processors must fall into 1 of 4 merchant levels. These levels are determined based on how many transactions are handled by the merchant each year. The levels are based on a scale of 1 to 4 with 1 being the highest number of transactions (6,000,000 and above) and 4 being the lowest number of transactions (20,000 or less).
Your security requirements are determined by the merchant level you fall into. As the merchant level number increases, your security requirements decrease. Therefore, a level 1 merchant has more security requirements, whereas a level 4 merchant has fewer PCI compliance requirements.
To be a PCI DSS level 1 processor means you are processing 6,000,000 transactions a year. Due to the high number of transactions, you are required to adhere to much stricter security and compliance requirements. These include an annual compliance report, a quarterly network scan, and an attestation of compliance form.
PCI certification allows businesses to reduce the risk of data breaches and of potentially losing all their customers’ sensitive information. It is important for schools to gain and hold onto parents’ trust, and by having PCI certification, you can give parents peace of mind knowing that their sensitive information remains private and secure.
Using a payment processing system such as RevTrak®, a level 1 PCI processor, means you are using a system maintained with robust and thorough security and compliance measures. We take PCI compliance seriously. It is our mission to see that your sensitive information is kept safe and sound. You can rest assured knowing your sensitive information is maintained in a secure location.
If you are interested in learning more about PCI DSS, please look at the PCI Compliance Guide.