The Payment Card Industry (PCI) Security Standards Council is comprised of the major credit card associations (Visa, MasterCard, American Express, Discover and Japan Card).
They have established a set of security standards to ensure that merchants and service providers follow best practices in order to reduce credit card fraud and security breaches. By accepting VISA and MasterCard payments, merchants and service providers are required to become Payment Card Industry compliant.
To provide you with the tools needed to fulfill Payment Card Industry compliance mandates, TSYS has partnered with ControlScan, an Approved Scanning Vendor by the Payment Card Industry.
Ready to get started?
As a TSYS merchant, you may have been automatically enrolled in ControlScan’s program and should receive an email from Control Scan with your username and password.
Click the Login button below to fill out your Self-Assessment Questionnaire (SAQ) and get access to system scanning services (if applicable) and full support.
Lost your username and password or signed up with no email address?
PCI usually refers to the PCI DSS, the Payment Card Industry Data Security Standard. It’s a set of requirements designed to ensure that any organization that processes, stores or transmits credit card information maintains a secure environment to prevent this information from being stolen. Being “PCI Compliant” means that a business has completed a PCI self-assessment questionnaire (SAQ) showing that appropriate measures have taken to protect sensitive credit card information.
Yes, PCI Compliance is critically important for any business that accepts credit cards, regardless of size or processing volume. Being PCI Compliant means that you are taking all necessary security measures to protect yourself and your customers in regards to credit card processing. Without PCI Compliance, a business may be vulnerable to attack through data breaches or fraud, resulting in thousands of dollars in fines and customer reimbursements.
Even if you are doing everything according to PCI regulations, you are not considered “PCI compliant” until you’ve completed an SAQ for the year, as well as any required quarterly scans.
Once PCI compliance is established, a merchant will be considered compliant for 1 year. Since criminals evolve their methods as fast as new technology develops, merchants must review their equipment and procedures at least annually to ensure they continue to protect their business and their customers against fraud.
Yes, as long as it indicates when and which SAQ was completed, as well as information regarding any required scans.
SAQ stands for “self-assessment questionnaire.” It is a series of questions that assesses a business’ compliance status based on the equipment used and procedures in place.