Guard against security risks: Maintain your first line of defense
Elavon • Article
Content originally appeared in the Payment Smart newsletter: 01/2024
Businesses that keep payment data security practices up to date and top of mind reduce the risk of falling victim to several common types of fraud and data breach events.
Your first line of defense is annually validating compliance with the Payment Card Industry Data Security Standard (PCI DSS). There are 12 goals, along with additional standard security requirements, that ensure best practices are in place to process, store and transmit debit and credit card data responsibly.
Why is annual validation so important?
PCI DSS validation only reflects a single point in time. As your business evolves (training, policies, processes, points of sale, technology), so must your payment data security precautions. That is why it is critical to keep up with periodic reviews and revalidate your compliance in a timely manner.
Payment acceptance environments without updated controls that are continuously enforced and monitored are easy targets for criminals.
PCI DSS version 4.0 goes into effect April 1
Last year, the Payment Card Industry Security Standards Council (PCI SSC) published an updated PCI DSS version 4.0 that goes into effect April 1. The previous version 3.2.1 will be retired at that time.
PCI DSS version 4.0 includes significant changes that place a greater emphasis on security as a continuous process rather than an annual snapshot exercise. It also promotes fluid data management practices that integrate with a business’s overall approach to payment data security and compliance.
To ensure a smooth transition, we recommend beginning your validation process early and validating to the new 4.0 standard. For customers enrolled in our PCI Compliance Manager program, the platform will be updated to align to the 4.0 standard.
We will release helpful information in the coming weeks. Meanwhile, visit the PCI DSS document library* for more information.
Compliance management support
If you’re unsure of where to start or if your validation has lapsed, your Customer Account Manager can help you get back on track. Your account manager can also tell you more about our PCI Compliance Manager program designed to make PCI DSS compliance validation easier.
* By selecting the included links, you will leave Elavon content and enter a third-party website. Elavon is not responsible for the content of, or products and services provided by these third parties, nor does it assure the system availability or accuracy of information contained in the sites. These websites are not controlled by Elavon. Please note that the third-party websites may have privacy and information security policies that differ from those of Elavon. These materials are general in nature and may not address all situations or card processing circumstances. All programs or offers may be discontinued, altered, or amended without notice.