PCI Compliance is mandated by the card associations

PCI compliance is mandated by the payment card brands (MasterCard, Visa, American Express and Discover). However, for most merchants, the deadlines for validating compliance with the PCI DSS have already passed. Fuel marketers should check with their processing partner and/or merchant bank to check if any specific deadlines apply to them, based on merchant transaction volume (level) as determined by the card payment brands. All entities that transmit, process or store payment card data must be compliant with PCI DSS.

According to a recent report, the most common source of credit card data breeches originated from the merchants software solution.  It is imperative that fuel marketers contact their software provider and verify their PCI compliance.   Software vendors must provide firms with written documentation verifying their PCI compliance.  Furthermore it  is also important to be aware the PCI requirements change frequently and as a merchant, you must make sure your software partners as well as your internal organization keeps up to date with these changes.

The team at COCARD/Richmond Financial Services is committed to assisting the industry and helping Dealers keep up to date with the most recent requirements.  Their website has recently been updated to include an entire section dedicated to PCI.  Please visit their site at www.cocardprocessing.com.