PCI responds to credit card security breaches | by Classic_Jon | 2014-02-03 07:12:05 |
How "onerous" is it to comply with PCI standards? | by kahuana | 2014-02-03 15:16:28 |
Last I heard, yes they're intricate, but not all | by wwill | 2014-02-03 17:07:21 |
that difficult to live with in practice. FINDING them all which apply to you can be a bit of a pain. C-Jon can say better than I of course, or anyone still in the business. But I've taken a look at some of the stuff since starting to read Jon's posts, just to see what he was talking about. The rules are not all that bad.
A whole lot of them seem to be just, "DON'T BE STUPID" laws. Like don't send anything unencrypted to anybody. Choose the most secure way to send something every time. Always verify who you are dealing with. Use methods where you control the contact, that way nobody can spoof you with a faked credential. (That's things like calling the business number in the bank/financial office file and NOT taking a call from some random phone number that isn't in the file.)
If I got any of that wrong, please correct it if you're in the position of knowing better. I am not claiming more than just barely passing knowledge of any of this. One quick read here or there does NOT an expert make and I'm not saying otherwise by any means.
But that seems to be most of what I read, other than things like how long you have to report things, or how long you can hold funds before sending them back or on, and which forms and the like. Book-keeping kind of stuff I didn't get into, just the security and encryption requirements, and that only once-over-lightly.
Not difficult, really. Just can be kind of involved and you need to get it really straight from day one. Just being a merchant isn't even all that convoluted, really. Keep things balanced and don't dilly-dally sending back refunds, sums up most of it.