{"id":3191,"date":"2024-12-03T14:28:13","date_gmt":"2024-12-03T14:28:13","guid":{"rendered":"https:\/\/client-acora.s.nomatter.dev\/one\/?p=3191"},"modified":"2024-12-03T14:28:13","modified_gmt":"2024-12-03T14:28:13","slug":"pci-dss-compliance","status":"publish","type":"post","link":"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/","title":{"rendered":"PCI DSS Compliance"},"content":{"rendered":"<p>According to <a href=\"https:\/\/www.verizon.com\/business\/verizonpartnersolutions\/business\/resources\/reports\/2020-public-sector-payment-security-report.pdf?msockid=2a3b3dc642c467fe1e8728d9435b6666\">Verizon\u2019s Payment Security Report 2020<\/a>, only\u00a0<strong>27.9%<\/strong>\u00a0of\u00a0global businesses are\u00a0compliant with the\u00a0PCI DSS standard.<\/p>\n<p><strong><em>Did you know? \ud83d\udca1<\/em><\/strong><\/p>\n<p>If you handle payment card information, you need to comply with the PCI DSS standard in the UK to protect stored cardholder data.<\/p>\n<p>As a business, you need to take PCI DSS compliance seriously. So let\u2019s take a look at what the standard is, what it covers, and how you can become compliant.<\/p>\n<h3><strong>What is PCI DSS compliance?<\/strong><\/h3>\n<p>PCI DSS stands for Payment Card Industry Data Security Standard. 
(Now there\u2019s a mouthful!)<\/p>\n<p>It is an\u00a0information security standard\u00a0designed to:<\/p>\n<ul>\n<li>Secure cardholder data<\/li>\n<li>Prevent payment card data fraud<\/li>\n<li>Allow people to shop safely and with confidence<\/li>\n<\/ul>\n<p>PCI DSS was originally developed through a collaboration between the five leading\u00a0payment brands:<\/p>\n<ul>\n<li>American Express<\/li>\n<li>Discover<\/li>\n<li>JCB<\/li>\n<li>MasterCard<\/li>\n<li>Visa<\/li>\n<\/ul>\n<p>It\u2019s now managed by the <a href=\"https:\/\/www.pcisecuritystandards.org\/\">PCI SSC<\/a>\u00a0(Payment Card Industry Security Standards Council or PCI Security Standards Council).<\/p>\n<h3><strong>Why do I need to be PCI DSS compliant?<\/strong><\/h3>\n<p>Payment-card fraud is a serious problem.\u00a0According to the most recent\u00a0<a href=\"https:\/\/www.ukfinance.org.uk\/system\/files\/Fraud%20The%20Facts%202021-%20FINAL.pdf\">UK Finance report<\/a>, unauthorised financial fraud losses across payment cards, remote banking and cheques totalled\u00a0<strong>\u00a3783.8 million<\/strong>\u00a0in 2020.<\/p>\n<p>You need to be PCI DSS compliant for the following reasons:<\/p>\n<ul>\n<li>Handle cardholder data and money securely<\/li>\n<li>Prevent identity theft<\/li>\n<li>Prevent fines<\/li>\n<li>Build trust in your business<\/li>\n<li>Compliance<\/li>\n<\/ul>\n<p>So PCI DSS compliance is definitely something worth getting right first time.<\/p>\n<h3><strong>PCI DSS Glossary of Terms<\/strong><\/h3>\n<p>PCI DSS compliance involves a lot of specialised terms and acronyms. Some of the main ones are detailed below.<\/p>\n<p><strong>PCI<\/strong> &#8211; Payment Card Industry &#8211; The firms involved in taking card payments<\/p>\n<p><strong>PCI DSS<\/strong> &#8211; Payment Card Industry Data Security Standard &#8211; An information security standard to protect cardholders\u2019 data when they shop<\/p>\n<p><strong>PCI SSC<\/strong> &#8211; Payment Card Industry Security Standards 
Council &#8211; The body that manages PCI DSS and authorises ISAs<\/p>\n<p><strong>ASV<\/strong> &#8211; Approved Scanning Vendor<\/p>\n<p><strong>ISA<\/strong> &#8211; Internal Security Assessor &#8211; An organisation whose employees have been trained in PCI DSS by the PCI SSC<\/p>\n<p><strong>QSA<\/strong> &#8211; Qualified Security Assessor &#8211; An independent organisation that has been approved to check for PCI DSS compliance<\/p>\n<p><strong>SAQ<\/strong> &#8211; Self-Assessment Questionnaire &#8211; A questionnaire that merchants can use to check their own compliance with PCI DSS<\/p>\n<p><strong>RoC<\/strong> &#8211; Report on Compliance &#8211; A document with detailed results from a PCI DSS assessment \u2013 usually one carried out by a QSA during an audit. All Level 1 merchants (see below) must complete an RoC<\/p>\n<p><strong>AoC<\/strong> &#8211; Attestation of Compliance &#8211; A form that you complete and submit with your SAQ to confirm that you are eligible to carry out self-assessment, and that you have done so. 
You also submit an AoC along with an RoC<\/p>\n<p><strong>Merchant<\/strong> &#8211; A person or company that sells goods or services<\/p>\n<p><strong>PSP<\/strong> &#8211; Payment Service Provider &#8211; Third parties that help merchants accept payments<\/p>\n<h3><strong>Do I have to comply with PCI DSS?<\/strong><\/h3>\n<p>All merchants and PSPs who process, transmit or store credit card data should abide by PCI DSS.\u00a0You need to comply with the PCI DSS if you:<\/p>\n<p>Take card payments\u00a0online through an ecommerce website<\/p>\n<p>Take card payments\u00a0in person using a card reader or contactless payments \u2013 for example, in a shop or restaurant<\/p>\n<p>Take card payments\u00a0over the phone, using the details provided by the cardholder<\/p>\n<p>You also have to comply with the PCI DSS if you process payments or handle credit card data on behalf of someone else.\u00a0If you do this, you are known as a\u00a0PSP (Payment Service Provider).\u00a0Some businesses can be both a merchant and PSP at the same time.<\/p>\n<h3><strong>How many requirements are needed to become PCI DSS compliant?<\/strong><\/h3>\n<p>There are a total of\u00a012 steps or security controls that you need to take to meet the PCI data security standard.\u00a0The 12 PCI DSS compliance steps are divided into\u00a06 goals:<\/p>\n<p><strong>1. Build and maintain a secure network and systems to protect cardholder data<\/strong><\/p>\n<p>Install and maintain a firewall configuration to protect cardholder data, and test it regularly<\/p>\n<p>Do not use vendor-supplied defaults for system passwords and other security parameters. Change them as soon as you can and update them frequently<\/p>\n<p><strong>2. Protect stored cardholder data with encryption<\/strong><\/p>\n<p>Protect stored cardholder data. 
Only store the cardholder data that you absolutely need to, and keep it safe both digitally (through backups, passwords and access control) and physically (through limiting access to your server)<\/p>\n<p>Encrypt transmission of cardholder data across open, public networks, so nobody can read it in transit<\/p>\n<p><strong>3. Maintain a vulnerability management program<\/strong><\/p>\n<p>Protect all systems against malware and regularly update anti-virus software or programs<\/p>\n<p>Develop and maintain secure systems and applications, so you stay one step ahead of potential problems<\/p>\n<p><strong>4. Implement strong access control measures<\/strong><\/p>\n<p>Restrict access to cardholder data to those who genuinely need to know it<\/p>\n<p>Identify and authenticate computer access to system components<\/p>\n<p>Restrict physical access to cardholder data<\/p>\n<p><strong>5. Regularly test security systems<\/strong><\/p>\n<p>Track and monitor all access to network resources and cardholder data<\/p>\n<p>Regularly test security systems and processes<\/p>\n<p><strong>6. 
Maintain an information security policy<\/strong><\/p>\n<p>Maintain a policy that addresses information security for all personnel<\/p>\n<p>&nbsp;<\/p>\n<p>Each of these steps helps to reduce your risk of cardholder data loss or fraud.\u00a0It can also help you to understand any potential security vulnerabilities.\u00a0You can read the\u00a0<a href=\"https:\/\/www.pcisecuritystandards.org\/document_library\/?category=pcidss&amp;document=pci_dss\">full requirements for PCI DSS<\/a> on the PCI SSC\u2019s website.<\/p>\n<h3><strong>What happens if you don&#8217;t comply with PCI DSS?<\/strong><\/h3>\n<p>If you aren\u2019t compliant and there\u2019s a breach of the standard, your payment provider can impose a fine on your bank.<\/p>\n<p>For their part, the bank may:<\/p>\n<ul>\n<li>Pass the fine on to you<\/li>\n<li>Refuse to accept card payments from you<\/li>\n<li>Close your bank account altogether<\/li>\n<\/ul>\n<p>Suffered a breach and want to carry on taking card payments?\u00a0You\u2019ll have to\u00a0<a href=\"https:\/\/acora.one\/news\/article\/pci-dss-compliance#what-are-the-pci-dss-levels-for-merhants\">meet Level 1 requirements<\/a> for cardholder data from then on, regardless of how many credit card transactions you process.\u00a0Got fined and still can\u2019t prove your compliance?<\/p>\n<p>You may face further fines until you take the necessary steps towards data security.\u00a0For larger firms, the fines can add up to as much as<strong>\u00a0\u00a380,000<\/strong>.\u00a0That should be a clear indication of why you need to protect cardholder data.<\/p>\n<h3><strong>Is PCI compliance mandatory in the UK?<\/strong><\/h3>\n<p>PCI compliance is a standard rather than a law.\u00a0It\u2019s enforced through contracts between:<\/p>\n<ul>\n<li>Merchants<\/li>\n<li>The banks who process payments<\/li>\n<li>The major payment companies<\/li>\n<\/ul>\n<p>However, that doesn\u2019t mean that you can relax about PCI DSS, or put it off until later.\u00a0The risks of not 
following PCI compliance can be\u00a0<strong>very serious<\/strong>.\u00a0Even endangering your ENTIRE business.<\/p>\n<p>If you suffered a breach, you would\u00a0lose trust.\u00a0This includes trust from your bank and your customers.\u00a0While you might be able to afford the fine, you might never get back your reputation.\u00a0More importantly:<\/p>\n<p>Nobody wants to be known as the firm that can\u2019t be trusted to look after sensitive cardholder data.<\/p>\n<p>To make things more interesting:<\/p>\n<p>Allowing cardholders\u2019 data to be lost or stolen is a breach of GDPR (General Data Protection Regulation).\u00a0This covers consumers\u2019 rights over their data, including payment data.\u00a0The penalties for GDPR data breaches are severe:<\/p>\n<p>Up to\u00a0<strong>\u00a317m<\/strong>\u00a0or\u00a0<strong>4% of your annual turnover<\/strong>.<\/p>\n<blockquote><p><em>Need advice on <strong>PCI Compliance<\/strong>?\u00a0<a href=\"https:\/\/acora.one\/contact\">Feel free to get in touch<\/a>.<\/em><\/p><\/blockquote>\n<h3><strong>What are the PCI DSS compliance levels for merchants?<\/strong><\/h3>\n<p>Not all merchants have to reach the same standards to comply with PCI DSS. There are\u00a04\u00a0levels of validation: 1\u00a0(Highest) to\u00a04\u00a0(Lowest).<\/p>\n<p>The level you must comply with depends on how many transactions you process per year.\u00a0For each level, there are different tasks that you\u00a0<u>must<\/u> carry out every year in order to stay validated. 
The full details are shown below.<\/p>\n<p>For the meaning of terms and abbreviations used here, see the\u00a0Glossary of Terms\u00a0above.<\/p>\n<p><em><strong>Level 1<\/strong><\/em><\/p>\n<p>Transactions processed per year:<\/p>\n<p>6M+ (or if your cardholder data has previously been compromised)<\/p>\n<p>Validation requirements:<\/p>\n<ul>\n<li>RoC (Report on Compliance) carried out by a QSA (Qualified Security Assessor) or ISA (Internal Security Assessor)<\/li>\n<li>Quarterly scan of external vulnerabilities by an ASV (Approved Scanning Vendor)<\/li>\n<\/ul>\n<p><em><strong>Level 2<\/strong><\/em><\/p>\n<p>Transactions processed per year:<\/p>\n<p>1M-6M<\/p>\n<p>Validation requirements:<\/p>\n<ul>\n<li>RoC by a QSA, or an SAQ (Self-Assessment Questionnaire) signed by an officer of the company<\/li>\n<li>Quarterly scan by an ASV<\/li>\n<\/ul>\n<p><em><strong>Level 3<\/strong><\/em><\/p>\n<p>Transactions processed per year:<\/p>\n<p>20k-1M<\/p>\n<p>Validation requirements:<\/p>\n<ul>\n<li>SAQ signed by an officer of the company<\/li>\n<li>Quarterly scan by an ASV (once the SAQ has been done)<\/li>\n<\/ul>\n<p><em><strong>Level 4<\/strong><\/em><\/p>\n<p>Transactions processed per year:<\/p>\n<p>Under 20k<\/p>\n<p>Validation requirements:<\/p>\n<ul>\n<li>SAQ signed by an officer of the company<\/li>\n<li>Quarterly scan by an ASV (once the SAQ has been done)<\/li>\n<\/ul>\n<h3><strong>How do I become PCI DSS compliant in the UK?<\/strong><\/h3>\n<p><strong>1. Determine Validation Level<\/strong><\/p>\n<p>Determine which\u00a0<a href=\"https:\/\/acora.one\/news\/article\/pci-dss-compliance#what-are-the-pci-dss-levels-for-merhants\">level of validation<\/a> you need to achieve.\u00a0Base this on the number of transactions you plan to process within a year.<\/p>\n<p><strong>2. 
Gap Analysis<\/strong><\/p>\n<p>Carry out a gap analysis to work out what you need to do in order to become compliant.\u00a0In other words:<\/p>\n<ul>\n<li>Look at where you are now<\/li>\n<li>Determine where you need to be<\/li>\n<li>Consider how to bridge the gap between them<\/li>\n<\/ul>\n<p><strong>3. Report on Compliance (RoC)<\/strong><\/p>\n<p>Do you need a Report on Compliance (RoC)?\u00a0Contact a QSA and ask them to prepare it for you.<\/p>\n<p><strong>4. Scan for Vulnerabilities<\/strong><\/p>\n<p>Do you need to scan for vulnerabilities?\u00a0Contact an ASV.<\/p>\n<p><strong>5. Self-Assessment Questionnaire (SAQ)<\/strong><\/p>\n<p>Do you need to complete an SAQ?\u00a0There are\u00a09 questionnaires available.\u00a0Each one is aimed at businesses with different payment setups.\u00a0Work out which one is applicable to your business,\u00a0download\u00a0it and\u00a0complete\u00a0it.<\/p>\n<h3><strong>How much does it cost to become compliant with PCI DSS?<\/strong><\/h3>\n<p>The cost of becoming PCI compliant varies depending on the level of validation you need.\u00a0You may even be compliant with the standard already!<\/p>\n<p>Or you may need to make some changes to the way you handle cardholder data and take payments.\u00a0Most notably:\u00a0PCI compliance is not just a one-off task.<\/p>\n<p>You\u2019ll probably have some recurring tasks that you need to keep performing to make sure you stay compliant.\u00a0The main costs are likely to be:<\/p>\n<ul>\n<li><strong>Paying PSPs: <\/strong>to help you with assessments or support<\/li>\n<li><strong>Upgrading technology:<\/strong>\u00a0for example, by installing anti-virus software<\/li>\n<li><strong>Buying new equipment: <\/strong>such as a paper shredder<\/li>\n<li><strong>Maintaining compliance:<\/strong>\u00a0for example, by training your staff.<\/li>\n<\/ul>\n<p>On top of that:\u00a0PCI needs careful management.\u00a0It will take up some of your time as a manager, or that of your IT 
team.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to Verizon\u2019s Payment Security Report 2020, only\u00a027.9%\u00a0of\u00a0global businesses are\u00a0compliant with the\u00a0PCI DSS standard. Did you know? \ud83d\udca1 If you handle payment card information, you need to comply with the PCI DSS standard in the UK to protect stored cardholder&#8230;<\/p>\n","protected":false},"author":16,"featured_media":3197,"comment_status":"open","ping_status":"open","sticky":false,"template":"full-width-single-post.blade.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[44,45,46],"class_list":["post-3191","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-article","tag-pci","tag-dss","tag-compliance"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.1 (Yoast SEO v26.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>PCI DSS Compliance - Acora ONE<\/title>\n<meta name=\"description\" content=\"Learn how to achieve and maintain PCI DSS compliance to protect your business and customer data with insights from Acora One.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"PCI DSS Compliance\" \/>\n<meta property=\"og:description\" content=\"Learn how to achieve and maintain PCI DSS compliance to protect your business and customer data with insights from Acora One.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/\" \/>\n<meta property=\"og:site_name\" content=\"Acora ONE\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/AcoraOne\/\" \/>\n<meta property=\"article:published_time\" 
content=\"2024-12-03T14:28:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/static.acora.com\/app\/uploads\/sites\/2\/2024\/10\/PCI-DSS-Compliance-1024x576.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"576\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"The Acora Press Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@acora_one\" \/>\n<meta name=\"twitter:site\" content=\"@acora_one\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"The Acora Press Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/\"},\"author\":{\"name\":\"The Acora Press Team\",\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/#\/schema\/person\/de47eff0dcc5e360b73649882262731e\"},\"headline\":\"PCI DSS 
Compliance\",\"datePublished\":\"2024-12-03T14:28:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/\"},\"wordCount\":1730,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/static.acora.com\/app\/uploads\/sites\/2\/2024\/10\/PCI-DSS-Compliance.png\",\"keywords\":[\"PCI\",\"DSS\",\"Compliance\"],\"articleSection\":[\"Article\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/\",\"url\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/\",\"name\":\"PCI DSS Compliance - Acora ONE\",\"isPartOf\":{\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/static.acora.com\/app\/uploads\/sites\/2\/2024\/10\/PCI-DSS-Compliance.png\",\"datePublished\":\"2024-12-03T14:28:13+00:00\",\"author\":{\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/#\/schema\/person\/de47eff0dcc5e360b73649882262731e\"},\"description\":\"Learn how to achieve and maintain PCI DSS compliance to protect your business and customer data with insights from Acora 
One.\",\"breadcrumb\":{\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/#primaryimage\",\"url\":\"https:\/\/static.acora.com\/app\/uploads\/sites\/2\/2024\/10\/PCI-DSS-Compliance.png\",\"contentUrl\":\"https:\/\/static.acora.com\/app\/uploads\/sites\/2\/2024\/10\/PCI-DSS-Compliance.png\",\"width\":2240,\"height\":1260,\"caption\":\"PCI DSS Compliance blog hero image\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/news\/article\/pci-dss-compliance\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"PCI DSS Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/#website\",\"url\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/\",\"name\":\"Acora ONE\",\"description\":\"We offer IT Support, Cloud Services, Telecoms, Cyber Security and Software Development throughout Norfolk, Suffolk and nationwide. 
Call us on 01603 431200.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/#\/schema\/person\/de47eff0dcc5e360b73649882262731e\",\"name\":\"The Acora Press Team\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/ki-acora.s.nomatter.dev\/one\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f49ea7f3b1a87fbd47967cc4ca7d8fb465a57c950c1f45269f891b4066daec14?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f49ea7f3b1a87fbd47967cc4ca7d8fb465a57c950c1f45269f891b4066daec14?s=96&d=mm&r=g\",\"caption\":\"The Acora Press Team\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","_links":{"self":[{"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/posts\/3191","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/comments?post=3191"}],"version-history":[{"count":0,"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/posts\/3191\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/media\/3197"}],"wp:attachment":[{"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/media?parent=3191"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/wp\/v2\/categories?post=3191"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ki-acora.s.nomatter.dev\/one\/wp-json\/
wp\/v2\/tags?post=3191"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}