PCI Compliance

Credit card fraud has been deemed one of the most important issues facing merchants today.


Because of the nature and urgency of fraud prevention, the card associations have joined forces and formed the Payment Card Industry (PCI) Data Security Standard (DSS) to help establish clear security standards in the fight against system break-ins that result in compromised cardholder account information.


This alliance is recognized by all payment card brands


For specific details regarding PCI Compliance, please visit, www.pcisecuritystandards.org.


The PCI Standard states that all merchants who "process, store or transmit" cardholder data must be in compliance. As a rule of thumb, any merchant - regardless of transaction volume - who could expose cardholder data or has a public IP address needs to have scans performed to demonstrate compliance with PCI DSS requirements.


Visa, MasterCard, American Express and Discover are now requiring that all merchants are compliant. You may think you are secure, but that will not stop you from being fined. You must be compliant. These card companies state that if a merchant is compromised and it is determined that they were not in compliance, a fine will be imposed. The fines can be up to $250,000 or more, depending on the amount of information compromised.


Because of the impact these fines can have on our merchants, Spectra Payments has spent a great deal of time and effort researching these standards and evaluating vendors who assist with compliance. To better understand the specific requirements and how they relate to your business, we have partnered with SecurityMetrics to provide merchant compliance assistance.


SecurityMetrics is a qualified compliance assessor recognized by the card associations and PCI counsel and is certified by Visa, MasterCard, American Express and Discover. SecurityMetrics' staff is available to assist you in understanding the PCI requirements and how they apply in your specific situation.


Compliance is easy! First, determine your compliance requirements. If you need assistance determining how these requirements apply in your situation, SecurityMetrics. PCI Advisors are standing by to assist you. SecurityMetrics is assisting Spectra's merchants of in making the determination of individual compliance requirements.


Second, enroll with SecurityMetrics or another Visa and MasterCard approved scan vendor and third, schedule and complete a vulnerability scan on a quarterly or annual basis along with an annual self-assessment questionnaire. Participation in this program is of great importance and is mandatory for all merchants. We appreciate your business and your cooperation in the efforts to minimize cardholder fraud.


If you have questions, please contact Security Metrics
directly at 800-557-4797 or visit their website at www.securitymetrics.com

Spectra Payments is proud member of the PCI Security Standards Council SecurityMetrics for PCI Compliance, QSA, IDS, Penetration Testing, Forensics, and Vulnerability Assessment

Once certified, PCI Compliant
Merchants are entitled to display the SecurityMetrics logo on their website.