Pipeline Data - Payment Card Industry DSS Call to Action

Mandatory Compliance with the PCI DSS

Pipeline Data Inc is required to ensure that all of our merchant clients are notified of the Payment Card Industry Data Security Standard (PCI DSS) security requirements and are provided a method to certify their compliance with this mandatory program.

The PCI DSS is a set of comprehensive and mandatory requirements for securing payment cardholder data. This set of 12 requirements was developed by the founding payment brands of the PCI Security Standards Council (American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International) to facilitate the adoption of consistent data security measures globally. The PCI DSS includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures intended to proactively protect customer account data.

Pipeline Data provides a process for completing the PCI DSS Compliance questionnaire and certifying compliance with the PCI DSS standards requirement. All Pipeline merchants are enrolled in this program as a function of their becoming Pipeline Data merchants. The Pipeline Data merchant PCI DSS portal is located at https://www.pipelinedata.com/pci/. This program assists merchants with certifying their compliance with the PCI DSS. All merchants who accept credit cards are required to comply with the PCI Data Security Standard.

The PCI compliance program validation requires merchants to complete one both of the below activities:

• A self-assessment Questionnaire and certification of compliance (Annually)
• A quarterly network vulnerability scan (if applicable)

The results of the scans and the questionnaire will guide merchants to properly configuring and protectng their payment accepting programs and policies. Merchants can complete all these requirements using the Pipeline PCI portal as noted above

Pipeline Data strongly endorses the need for more stringent standards regarding the handling of cardholder data. The creation of the PCI Compliance Program is a proactive measure to ensure that all merchants adopt these standards and certify compliance on an on-going basis.
If you have any questions or concerns, please contact Pipeline at pci@pipelinedata.com.

For additional information on the PCI DSS or the individual card brands’ data security requirements and programs, please visit the following links:

• PCI Security Standards Council site: www.pcisecuritystandards.org
• VISA CISP: www.visa.com/cisp
• MasterCard SDP: www.mastercard.com/sdp
• American Express DSOP: https://www209.americanexpress.com/merchant/singlevoice/dsw/FrontServlet?request_type=dsw&pg_nm=home&ln=en&frm=US
• Discover DISC: http://www.discovernetwork.com/resources/data/data_security_overview.html