When customers offer their bank card at the point of sale, over the Internet, on the phone, or through the mail, they want assurance that their account information is safe. The Cardholder Information Security Program (CISP) is intended to protect cardholder data – wherever it resides – ensuring that members, merchants, and service providers maintain the highest information security standard. In 2004, the CISP requirements were incorporated into an industry standard known as the Payment Card Industry (PCI) Data Security Standard (DSS). Following is a summary of the PCI DSS which must be followed by all merchants:
Visa® and MasterCard are committed to ensuring the safety and security of their payment systems and cardholder's confidence in shopping with payment cards. The appropriate Payment Card Industry Self-Assessment Questionnaire must be completed annually by any merchant that captures, transmits or stores credit and debit card data. Completed questionnaires can be faxed to Merchant Risk Management at 207-753-3398. Please contact Customer Service at 800-348-4025 with any questions on completing this form or to request additional small business resources related to the PCI DSS.