From last few years, PCI DSS (Payment Card industry – Data Security System) has become mandatory for all the payment services using different payment gateways for the exchange of money. The system has many benefits to the online merchants and the consumers, but there are also some misleading information prevails that puts question to the authenticity of the system. The objective of the system is to create a safe cardholder data environment.
The first and foremost information that misleads various merchants is the probations regarding the upgrading of the system and software maintenance. Merchants have to upgrade their hardware and software in order to comply with PCI norms. They also need to appoint a system administrator in order to look after the software’s and make them working bug free.
The real fact is different and this information is not at all correct. As per the PCI Self Assessment Questionnaire there is no need to upgrade the system or software even after one year for every merchant. Only those merchants need to upgrade the system that has business expansions of more number of users using the payment gateway.
Also, most of the merchants have known that the system requires year inspection and firewall renewal, which is also not true. A firewall cannot required renewal after every year, it depends on the number of clients and workstations where the PCI has been installed.
Comments
Post a Comment