PCI Screening standard
The Payment Card Industry Data Security Standard (PCI DSS) is the default pre-employment vetting standard recommended for companies that handle or process credit card and cardholder information.
It is a relatively basic level of background screening designed with the aim of preventing credit card fraud. Companies that are not compliant with the relevant Data Security Standards will be responsible for any losses through fraud, and could face considerable fines.
Compliant and Efficient PCI DSS Screening Solutions
We provide you with fast, cost-effective pre-employment screening services that meet the PCI DSS. The PCI DSS is a data security standard that is designed to protect customers’ personal details and their credit / debit card data when organisations take payment from them.
If an organisation (public or private) takes payment from credit or debit cards online or over the phone and then stores that information, they have to comply with the PCI DSS.
Ensure PCI DSS Compliance with Our Screening Service
Our screening service enables your organisation to satisfy the requirement of the Payment Card Industry Data Security Standard (PCI DSS) for your employees, contractors or temporary staff.
Protect Cardholder Data with PCI DSS Compliance
The goal of the PCI Data Security Standard (PCI DSS) is to protect cardholder data wherever it is processed, stored or transmitted. The security controls and processes required by PCI DSS are vital for protecting cardholder account data, including the primary account number printed on the front of a payment card and any other sensitive data that is printed on a card, or stored on a card’s magnetic stripe or chip.
PCI DSS Screening Explained
The Standard was introduced in 2006, “to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally”. It has changed relatively little since its inception and there has always been a requirement for background checks as part of PCI DSS Control Objective 6 / Requirement 12, which covers the need to maintain a policy that addresses information security for all personnel. The current directive is as follows:
Essential Personnel Screening for PCI Compliance
“12.7 Screen potential personnel prior to hire to minimize the risk of attacks from internal sources.” Examples of appropriate types of background checks may include previous employment history, criminal record, credit history, and reference checks.
It is also worth pointing out that since PCI DSS was introduced there has been a recommendation (rather than a requirement) for personnel with access to credit/debit card details on an individual transaction basis, such as store cashiers, to be screened.
Implementing Robust Background Checks for PCI Compliance
The advice here states that, “it is expected that a company would have a policy and process for background checks, including their own decision process for which background check results would have an impact on their hiring decisions (and what that impact would be).” There is also a strong suggestion that positions with greater responsibility or administrative access to data or systems would necessitate more robust screening. Further guidance indicates the need to have provisions within the firm’s background checking policy for vetting current personnel.