Payment Card Industry (PCI) Compliance is a term widely used but often misunderstood. In board terms, PCI is a vast assortment of recommended security policies and technologies to protect consumer credit cards.
The PCI Security Standards Council was founded in 2006 by American Express, Discover, JCB International, MasterCard and Visa. This council is responsible for maintaining, promoting and constantly enhancing standards to protect their payment systems from breaches and theft of cardholder data.
Any business that comes in contact with credit card information is susceptible to these PCI standards.
Modern Retail knows a thing or two about PCI Compliance because, at one time, we built and maintained an e-commerce platform. This platform was PCI certified, and while it no longer exists, the architecture remains and is now being used for our Integration Middleware.
However, our services are not in-scope for PCI Compliance because at no time do any of our integrations ever come in contact with cardholder data. They never touch or store any consumer credit card data. Period.
Nevertheless, Modern Retail continues to follow PCI recommendations because they include best practices around computer and network security. Admittedly, this is a bit overkill given our services are not in-scope for PCI, but let's face it, nothing is more important than security.
Some of our clients have asked us to help them complete various PCI documentation. Completing this documentation is not part of our standard services. However, we can help you fill out any necessary PCI documentation and provide additional information about our infrastructure at our standard billing rates.