Q: What is PCI?
A: PCI (or, more formally, PCI DSS) stands for Payment Card Industry Data Security Standard. PCI DSS is a set of requirements designed to ensure that ALL organizations that process, store, or transmit credit card information maintain a secure environment. PCI standards are managed by the PCI SSC (Payment Card Industry Security Standards Council), an independent body formed by the five major card brands -- VISA, MasterCard, AMEX, Discover and JCB.
Q: Does PCI apply to me?
A: If you accept credit cards as a means of payment, YES, PCI applies to you. In fact, PCI DSS is an especially important issue in higher education because of the complex payment networks and relatively open frameworks found in many college and university environments. Click here for an intriguing report from the Treasury Institute on why banks view the college campus as a high-risk environment when it comes to PCI compliance.
Q: What happens if I am not PCI compliant?
A: If a merchant is not PCI compliant and is breached, the penalties can be severe, reaching into the millions of dollars. Click here for more information on fines and penalties related to PCI non-compliance.
Q: Is there an easy way to address PCI compliance issues?
A: Not really. If you accept credit cards as a means of payment on your campus, PCI applies to you. But that doesn't mean you have to go it alone. NBS offers PCI compliant eBilling & ePayment, Actively Managed Tuition Payment Plans, Cashiering (POS) and Refunds services to colleges and universities. Working with a vendor like NBS can significantly reduce your PCI scope as well as much of the risk and potential work involved in becoming PCI compliant.