To provide insight into the networking industry, Westbase.io run a “What Is” blog series. Take a look at the latest edition; What is PCI Compliance?
What is PCI Compliance?
The term PCI (Payment Card Industry) Compliance is a set of standards that must be met by all companies or merchants that accept payment from their customers via credit or debit card.
In 2006, an independent body – the PCI Security Standard Council (PCI SSC) – was formed in order to manage and administer the Payment Card Industry Data Security Standard (PCI DSS). Businesses and merchants must ensure they comply with the PCI DSS so that maximum security is provided for customers when processing their payments and data.
PCI standards apply to:
- Point-of-sale systems
- Store networks and wireless access routers
- Payment card data storage and transmission
- Card readers
- Payment card data stored in paper-based records
- Online payment applications and shopping carts
For businesses, retailers for example, being PCI compliant highlights to customers that their information is protected, demonstrating an on-going commitment to the customer and creating an extra layer of trust. It also allows businesses to enhance their reputation with customers and banks alike. Organisations that fail to comply with these standards can be subject to fines or legal action which can not only have high financial impacts, but it can affect the brand reputation as well.
PCI Compliance and 4G LTE Networking
Many retailers or similar businesses often find themselves using temporary store locations to bring their wares to new audiences, such as markets, events and promotional locations like shopping centres. While this isn’t a permanent store placement, it is vital that it still complies with the PCI DSS – yet the network provision (if any) at such locations often isn’t compliant, putting the business at risk.
As such, organisations who need to keep their transactions PCI compliant while still completing them in any location, could benefit from a pop-up network which they manage – and for which a 4G LTE router or gateway provides the perfect solution. Though not all such networking hardware will be compliant, all Cradlepoint devices as well as the Sierra Wireless AirLink ES450 and GX450 are PCI compliant, and perfect for this type of deployment.
It is not just pop-up networks which need to be PCI compliant however. While businesses will ensure their primary, fixed location networks are compliant, they also need to ensure that any failover measures put in place can continue to deliver compliance when they are required for use. Again, 4G LTE provides an ideal solution for connectivity failover and the Cradlepoint ARC CBA850 and AER Series, which are PCI compliant and purpose-built for this application, provide the ideal solution. The Sierra Wireless AirLink ES450 also provides a great, compliant solution for PoS failover.
For more information on PCI Compliance visit the PCI Security Standards Council official website. For more information on the applications and products discussed, please follow the links provided in the body of the article.