Serving your customers is about more than just offering great products and being responsive -- it's also about protecting their payment data. Merchants must meet PCI DSS compliance standards to help protect the security of their customers' credit and debit card information.
Though meeting PCI DSS compliance standards can feel overwhelming, it doesn't have to be. Here's what you need to know about becoming PCI DSS compliant.
PCI compliance basics
The Payment Card Industry Data Security Standard (PCI DSS) -- also known as PCI compliance -- is the set of 12 security requirements mandated by credit card networks. This standard applies to any business that processes, stores, or transmits credit cards, regardless of its size or location.
The 12 requirements specify the rules necessary to ensure the following obligations:
PCI compliance standards also require you to, at a minimum, complete an annual Self Assessment Questionnaire (SAQ) to validate PCI DSS compliance. In certain cases, you may be required take take additional steps to validate PCI compliance. A merchant who fails to meet compliance standards will face penalties assessed by the card networks. In addition, the PCI-related fines for merchants who are non-compliant and suffer a data breach can be significant.
SAQ and QSA
The various types of SAQ forms available might bewilder anyone who doesn't read PCI compliance rules for fun. However, processing with Braintree Direct gives you a leg up: we provide PCI compliance validation through our partner Qualified Security Assessor (QSA), SecurityMetrics. (Additional charges may apply when you hit Level 1 or Level 2 thresholds -- inquire directly with Security Metrics for more information.) Having an expert guide you through the SAQ process can help you remain PCI compliant with minimal stress.
Braintree's PCI-compliant offerings
In addition to helping you validate PCI compliance with assistance from SecurityMetrics, Braintree also offers options that will fit seamlessly into your checkout while helping streamline your PCI compliance validation:
PCI compliance is good business
Achieving and maintaining PCI compliance may not be a public-facing part of your customer experience, but it's crucial for building your customers' trust and loyalty, as well as helping to protect your business from potential data breaches. Partnering with Braintree can help streamline the PCI compliance validation process, so you can put your focus where it belongs -- on building your business and pleasing your customers.