Meeting Credit Card Security Requirements
May 11, 2005
If your institution stores, processes, or transmits cardholder data, you must comply with the Payment Card Industry Data Security Standard (PCIDSS). Further, if your institution stores, processes, or transmits 20,000 to 6 million e-commerce transactions per year, you must validate compliance with PCIDSS by June 30. The June 30 e-commerce validation requirements are specific only to online transactions within the range noted above.
PCIDSS offers a single approach to safeguarding sensitive data for all card brands. Designed to create common industry security requirements, this standard is a result of collaboration between Visa and MasterCard; other card companies operating in the United States have also endorsed the PCIDSS within their respective programs.
Compliance is required of all merchants and service providers that store, process, or transmit cardholder data and applies to all payment channels: at the point of sale, over the Internet, on the phone, or through the mail.
The PCIDSS is composed of 12 basic requirements, which are supported by more detailed sub-requirements. In addition, compliance requirements must be validated. Levels of compliance are prioritized and defined on the basis of volume of transactions, potential risk, and exposure introduced in the system by merchants and service providers.
For a merchant or service provider that is not in compliance with the security requirements or that fails to rectify a security issue, Visa or MasterCard may fine the acquiring member, impose restrictions on the merchant or its agent, or permanently prohibit the merchant or its agent from participating in its programs.
More information about Visa's Card Information Security Program (CISP) is available on the Visa Web site.
NACUBO is offering an interactive webcast designed for colleges and universities that will cover compliance levels, criteria, validation actions, and compliance benefits. Meeting Credit Card Security Requirements is scheduled for May 24 and will be available for on-demand viewing after that date.
- College Endowment Average Return Falls to 2.4 Percent in FY15, Endowment Spending Up Sharply
- NACUBO Urges One-Year Postponement of Changes to 1098-T Reporting Requirements
- GASB Addresses Asset Retirement Obligations and Seeks Field Testers
- 2016 Higher Education Accounting Forum
April 10-12, 2016
- 2016 CAO and CBO Collaborations
August 1-2, 2016
- 2016 Planning and Budgeting Forum
September 19-20, 2016
- WEBCAST: Legislative Lunchcast: A 30-Minute Washington Update from NACUBO
Monday, February 22, 2016 12:00pm ET
- WEBCAST: Responsibility Center Management: Two Different Perspectives
Thursday, March 17, 2016 1:00PM ET
- WEBCAST: Title IX: Key Issues Surrounding Institutional Compliance
Wednesday, April 20, 2016 1:00PM ET
- WEBCAST: The Clery Act: Strategic Planning to Mitigate Institutional Risk
Thursday, May 26, 2016 1:00PM ET
- ON-DEMAND: NACUBO Live! Results of the 2015 NACUBO-Commonfund Study of Endowments
- A Guide to College and University Budgeting: Foundations for Institutional Effectiveness, 4th ed. - by Larry Goldstein
- NACUBO's Guide to Unitizing Investment Pools - by Mary S. Wheeler
- Managing and Collecting Student Accounts and Loans - by David R. Glezerman and Dennis DeSantis