TVTraysEtc.com is PCI Compliant

PCI Compliance

TVTraysEtc.com is PCI Compliant!

The security of our customer's credit card information is considered our top priority. We have taken great care to develop our business around ensuring the security of your information. We have built our on-line presence around this theme. We have taken great care in selecting technology partners that share this absolute requirement.

The TVTraysEtc.com e-commerce platform is provided by BigCommerce. The BigCommerce data center facilities have been inspected by a Visa-approved PCI scanning vendor and passed the on-site assessment for PCI DSS. Verification of this Level I PCI compliance and the scan summary can be found by clicking on the PCI Compliance logo found below.

What is PCI Compliance?

Summary:

The Payment Card Industry Data Security Standard was created to help payment card industry organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise.

Detail:

From Wikipedia, the free encyclopedia:

The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council. The standard was created to help payment card industry organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise. The standard applies to all organizations that hold, process, or exchange cardholder information from any card branded with the logo of one of the card brands.

Validation of compliance can be performed either internally or externally, depending on the volume of card transactions the organisation is handling, but regardless of the size of the organisation, compliance must be assessed annually. organisations handling large volumes of transactions must have their compliance assessed by an independent assessor known as a Qualified Security Assessor (QSA), while companies handling smaller volumes have the option of demonstrating compliance via a Self-Assessment Questionnaire (SAQ). In some regions these SAQs still require signoff by a QSA for submission.

Enforcement of compliance is done by the bodies holding relationships with the in-scope organisations. Thus, for organisations processing Visa or MasterCard transactions, compliance is enforced by the organisation's acquirer, while organisations handling American Express transactions will deal directly with American Express for the purposes of compliance. In the case of third party suppliers such as hosting companies who have business relationships with in-scope organisations, enforcement of compliance falls to the in-scope company, as neither the acquirers nor the card brands will have appropriate contractual relationships in place to mandate compliance. Non-compliant companies who maintain a relationship with one or more of the card brands, either directly or through an acquirer, risk losing their ability to process credit card payments and being audited and/or fined.

PCI Compliance