According to the PCI Compliance Guide, PCI applies to ALL organizations or merchants, regardless of size or number of transactions, that accepts, transmits, or stores any cardholder data. Said another way, if any customer of that organization ever pays the merchant directly using a credit card or debit card, then the PCI DSS requirements apply. Read the full PCI Compliance Guide to learn more.
What credit card information must be protected?
The PCI Compliance Guide also notes that cardholder data is any personally identifiable data associated with a cardholder. This could be an account number, expiration date, name, address, social security number, etc. All personally identifiable information associated with the cardholder that is stored, processed, or transmitted is also considered cardholder data.
More specific cardholder data examples include:
Primary Account Number (PAN) 16-digit number on credit card
CVV or DVV2 (security codes)
Credit Card PIN (Personal Identification Number)
Card Expiration Date
Type of Card (Visa, MasterCard, etc.)
Cardholder’s name in conjunction with any items listed above
What is the primary security concern for Americans?
The Unisys Security Index is a bi-annual global study of consumer opinion on four areas of security: financial, national, Internet and personal safety. The results were tallied on a scale of 0-300, with 300 representing the highest level of perceived concern. The average score of 147 for the current Unisys Security Index for the United States indicates a moderate level of overall security concern (out of over 1,000 U.S. respondents).
Additional findings from the latest U.S. Unisys Security Index include:
Credit and debit card fraud is now the primary security concern for Americans. More than two-thirds of respondents (68 percent) are either extremely or very concerned. The proportion of Americans indicating no concern is at the lowest level since Unisys began the global study.
Only 25 percent of Americans have no concern about meeting their financial obligations. More than half of all Black Americans and Hispanic Americans polled are extremely or very concerned with meeting their financial obligations. In particular, almost three-quarters of Black Americans (74 percent) are concerned.
Older Americans and Americans with higher salaries are less concerned about meeting financial obligations than younger Americans and Americans with lower salaries.
Two-thirds of Americans (66 percent) are seriously concerned about unauthorized access to or misuse of personal information. Overall, the level of concern on this issue has remained relatively high and constant since the first global study in August 2007.
The percentage of Americans is extremely or very concerned about war or terrorism dropped to the lowest level for all surveys in the Unisys Security Index series.
View all the findings from the Unisys Security Index.
Tips for Handling Credit Card Data
Keep all credit card data secure and confidential:
Do not store sensitive cardholder data on computers, such as: Full account numbers, Types, Expiration date, CVC2/CVV2 data
Do not transmit credit card data in an insecure manner, including: Email, Unsecured Fax, Chat
Secure all documents containing credit card information in locked file cabinets with access to staff on a need-to-know basis in order to carry out job duties
Destroy all documents containing credit card information by shredding after their useful life has expired
Restrict access to credit card data to appropriate and authorized personnel only
Be sure to check out our other blog posts on security. Share your tips for protecting your business with us on Facebook and Twitter.