The PCI SSC is the membership organization responsible for three important security standards related to safeguarding payment transaction data.
All parties involved in payment card acceptance must safeguard payment transaction data and comply with the applicable standard(s). If a system with payment card information is hacked or stolen, then the compromised party must take steps to report the data security breach and work with forensics investigators, law enforcement, merchant acquiring stall and others to report findings. The best defense is to implement data security operating policies, limit stored payment card data and safeguard data that is necessary.
The card associations developed the PCI DSS to help strengthen data security at the merchant level and combat credit card data compromises. Merchants with point-of-sale (POS) systems and computers with an internet connection are at significant risk for having sensitive data - such as customer credit card data - stolen. This kind of theft from security breaches at merchant locations - both large and small - has cost merchants millions of dollars in fines, restitution and reputation. All merchants with internal systems that store, process or transmit cardholder data must comply with Payment Card Industry (PCI) Security Standards.
To demonstrate our level of commitment, Global Payments now offers a new Merchant Protection Program with a Qualified Payment Application Security Company to help Level 4 Merchants with their PCI DSS compliance validation. Click here for more information.
The card schemes have all implemented mandates to ignite the movement of EMV technology in the U.S. to help reduce credit card fraud and move towards the next level of technology.
American Express will work alongside other industry participants to drive interoperability across the U.S. and other countries and support chip-based technology for chip and PIN, chip and Signature, contactless and mobile transactions. The company's key policy requirements and dates are:
For more information, visit American Express' website.
Discover announced it is implementing a US EMV mandate.
For more information, visit Discover's website.
MasterCard announce their U.S. EMV Roadmap which included all card authentication channels, all cardholder verification methods and all commerce channels.
For more information, visit MasterCard's website.
Visa announced their Accelerate U.S. EMV Chip Migration Strategy.
For more information, visit Visa's website.
Global Payments is striving to meet the industry mandates and assist our clients throughout their migration process.
- See more at: https://www.globalpaymentsinc.com/us/accept-payments/in-person/emv-card-acceptance
In November 2012, the federal district court overseeing In re Payment Card Interchange Fee and Merchant Discount Antitrust Litigation (MDL 1720), the merchant class action interchange litigation against MasterCard, Visa and other defendants, preliminarily approved a class settlement agreement that resolves antitrust claims involving MasterCard and Visa's interchange and merchant acceptance rules in the U.S. and its territories.
Following the class action litigation settlement, U.S. merchants are now allowed surcharge MasterCard and Visa Credit card transactions (not debit or pre-paid card transactions) at the "brand level" (i.e. MasterCard or Visa) or at the "product level," but not both, subject to the following requirements:
Merchants must continue to respect a cardholder's decision to pay with MasterCard and Visa. The settlement does not impact merchants' existing obligation to accept for payment properly presented MasterCard and Visa cards, including rewards cards. In addition, the rule changes that MasterCard and Visa are implementing under the settlement do not affect any obligation of a U.S. merchant to comply with all applicable state or federal laws, including state laws regarding surcharging of credit or debit card transactions and federal and state laws regarding deceptive or misleading disclosures.
11 states or territories prohibit surcharging: