The use of payment cards on both in-store and online transactions have been rapidly increasing for the past several years. In the US, statistics show that Americans own an average of 4 credit cards. With this trend, most businesses whether big or small, consider accepting cards as one of their payment options and a necessity for sales growth.

Why are payment cards widely preferred by consumers? Consumers nowadays prefer to do business in the easiest, fastest and most convenient way. Aside from the fact that most payment cards are accredited or recognized globally, consumers can easily keep track their expenses and set different credit limits for supplementary cards; gain access to interest-free installment terms, rewards, rebates and other promotional offers offered by the card issuer; and do not need to bring cash as they have fast access to cash via ATMs. These advantages attract both consumers and business owners to adapt to the payment card system. For this reason, the payment card industry also becomes a major target of fraud and identity theft.

These past years, billions of sensitive customer data have been breached and stolen by hackers due to vulnerabilities. To prevent financial fraud, the Payment Card Industry Data Security Standard (PCI DSS) have been created in 2004. As defined by pcisecuritystandards.org, PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all entities that store, process or transmit cardholder data – with requirements for software developers and manufacturers of applications and devices used in those transactions. It aims to increase the level of security of all merchants or financial institutions accepting or processing payment cards.

There are four (4) levels of PCI compliance based on the volume of transactions being handled or processed per year:

• Level 1 – Over 6 million cards transactions per year
• Level 2 – Between 1 to 6 million card transactions per year
• Level 3 – Between 20,000 to 1 million card transactions per year
• Level 4 – Less than 20,000 card transactions per year

Being a PCI DSS compliant means, you are protecting your customers’ trust and the credibility of your company. Having vulnerabilities and imminent risk of identity theft results to a loss of customer’s confidence which in the long run could cost you your business.

As a Payment Card Industry Data Security Standard (PCI DSS) Level 1 compliant company, XMC is committed in maintaining a secure and healthy relationship with our customers.