The PCI Security Standards Council is a global forum for the industry to come together to develop, enhance, disseminate, and assist with the understanding of security standards for payment account security. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and VISA, Inc. The current PCI Standards include, among others, the following components:
These security related standards were developed to secure all payment card information from unauthorized access and apply to all transactions surrounding the payment card industry and the merchants/organizations that accept these cards as forms of payment.
More information about the PCI DSS can be found at the PCI Security Standards Council website.
The PCI consists of well over 300 controls that are broken down into the following requirements:
The following requirements stand out, particularly as they apply to UF staff and departments:
“Educate personnel upon hire and at least annually.” To satisfy this requirement, Merchant Services and UFHR Training and Organizational Development offer the online training course TRM125: Payment Card Security Awareness Training
The above training includes a Credit Card Security Ethics Certification to document their understanding of and willingness to comply with all University payment card security policies, directives, procedures and the PCI DSS. This requirement also applies in the case where a UF department outsources credit card payments to a third party vendor.
PCI Security Standards Council
UF Credit Card Merchant Policy
TRM125 – Payment Card Security Awareness Training
Banking & Merchant Services: (352) 392-9057