PCI Compliance

Payment Card Industry Data Security Standard (PCI DSS) compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information. PCI DSS compliance is required by all card brands.

The 12 criteria of PCI DSS are as follows:

• To safeguard cardholder data, configure and maintain a firewall.

• Never use the system password defaults or any security settings provided by the vendor.

• Safeguard storing cardholder data.

• Transmit cardholder data securely across open, public networks.

• Utilize and update antivirus software as necessary.

• Create and manage secure apps and systems.

• Limit who has access to cardholder information for commercial purposes.

• Give each individual with access to the computer a special ID.

• Limit physical access to cardholder information.

• Keep track of and keep an eye on all network resources and cardholder data access.

• Test security procedures and systems on a regular basis.

• Keep an information security policy in place for all employees.

No matter what the size or location of the organization, it must comply with the Payment Card Industry Data Security Standard (PCI DSS), which is a set of industry-mandated regulations. Five of the largest card brands created the PCI Security Standards Council, and they each participate equally in its activities. All businesses that store, process or transmit payment cardholder data must be PCI Compliant.

Since Mevrik maintains PCI DSS, it indicates that our security policies and practices are up to par. Mevrik does not store any credit card information.