SELF ASSESSMENT QUESTIONNAIRE

DO YOU NEED TO BE PCI COMPLIANT?

The Results

While you do not process payment details, storing and/or accepting payment information on behalf of customers does fall under the umbrella of PCI DSS.

As data breaches become more frequent, more public and more costly, it is vital for every business handling customer credit cards to remain current with security protocols and regulations. 

How can you protect your customers' sensitive information? The answer is by developing and maintaining a secure environment which meets the requirements of applicable data security regulations; for credit card data, this is PCI compliance and for personal data, this is GDPR. However, becoming PCI compliant is often time-consuming, complicated and expensive; according to some estimates, it can cost up to €60,000 annually.

PCI Booking offers a much quicker and more affordable option. PCI Booking is a cloud-based payments solution which captures, stores and transmits payment data on your behalf, thus removing you from PCI scope altogether. In addition, PCI Booking can store your personal data and assist you in becoming GDPR compliant.

What you must avoid:
Data being intercepted at the payment stage, similar to the British Airways breach.

How we can help:
Our secure iFrame is embedded, not hosted, on your site. Information is tokenized as it is entered, and no sensitive information is passed to your systems.

Should hackers gain access in a manner similar to the British Airways breach, they will simply have no payment information to intercept or find in your system.

What you must avoid:
Hackers accessing sensitive information stored on your site.

How we can help:
Information is not stored on your systems. Instead, it is stored on PCI Booking’s secure servers.

What you must avoid:
Calls recorded for training or legal purposes being accessed by hackers.

How we can help:
Phone bookings are now completed with a secure payment form shared with customers while on the phone, removing the requirement for customers to verbally communicate their payment details.

What you must avoid:
Sensitive non-payment data, such as scans of passports, having no secure storage system.

How we can help:
With PCI Booking, you can tokenize more than just payment information. Any sensitive information can be tokenized with Data Block Tokenization.

INTERESTED IN LEARNING MORE?

Get in touch with our PCI Experts and see how we can help you become PCI compliant.