PCI Security Compliance in Canada

If you haven’t heard the term “PCI” in relation to your retail Point-of-Sale software, you will soon. PCI is a standard that has emerged as the test for whether or not your retail operations are a security risk for credit card information theft.

What does it mean to me?

If you collect or store credit card information, and if it is compromised, you may lose the ability to accept credit cards at your business. You may also face higher processing rates.

How do I find out more?

To find out more, visit the PCI Security Standards Council – the organization that manages these standards. This is an excellent website which also allows you to do a self-assessment.
For further background information, please read our previous post below, initially published April 28, 2010.
In Canada, PCI Security Compliance has become a hot topic in the payment card industry. As the premier Point-of-Sale and Inventory Management provider in Canada, Canadian Retail Solutions Inc. works hard to monitor and educate retailers on the issues that matter to them. We want to help you understand how PCI Security Compliance will affect your credit card and payment processing systems, and how CRS is responding to these changes. This article is the third in a series (Chip and Pin Credit Cards Changing Payment Processing Practices, Payment Processing Systems to Comply with PA-DSS) intended to address the current security changes taking effect in Canada.

What is PCI Security Compliance?

Payment Card Industry (PCI) Security Compliance has garnered a lot of attention in the media as of late. Of all of the new payment card security standards coming into effect this one is the most encompassing. The credit card and payment processors have mandated all of these changes, PA-DSS and EMV (Chip & PIN Credit Card Payment Processing) both relate to the application and hardware side of your business, while PCI Security Compliance addresses the retailer’s internal security setup and practices with the purpose of mitigating payment security risks. The intention of PCI Security Compliance is to institute requirements to protect sensitive information that is being stored electronically.
For more detailed information on PCI Security Compliance please visit the PCI Security Standards Website at http://www.pcisecuritystandards.org.
We, at Canadian Retail Solutions Inc., would encourage you to engage a QSA (Qualified Security Assessor) to audit your company operations to ensure proper PCI Security compliance.

What Does This Mean for You?

PCI Security Compliance is required, in some form, for every business engaged in credit card payment processing. Your process of certification will vary depending on your volume of credit card transactions. Contact your payment processor for further details on your requirements and next steps.
Canadian Retail Solutions Inc., while being the premier POS Software provider for Canada, is not a QSA and therefore cannot certify your operations for PCI compliance. If you wish to engage a QSA to audit your network we will be happy to point you in the right direction.
PCI Security Compliance is a critical standard to implement in your business; it will increase your entire network security thereby lessening your chances of security breaches of any kind.
Did you miss the previous article on payment processing system compliance? Read more about how PA-DSS (PABP) compliance will affect your payment processing system.