All businesses that accept card payments by phone or online must follow PCI-DSS. Protecting cardholder data is essential for meeting legal obligations and for building customer trust and credibility.
PCI Guard provides a secure, reliable PCI-DSS solution with three payment methods, giving your customers maximum flexibility. Whether they take online payments, phone payments, or a blend of both, PCI Guard supports compliant and consistent processes.
PCI Guard delivers professional, informative, and persuasive IT and telecoms solutions tailored to your needs. With expert support and modern technology, it helps keep your business secure and aligned with PCI DSS requirements.
PCI Guard IVR enables customers to make payments 24/7 without speaking to an agent or visiting a website.
PCI Guard offers secure, PCI-DSS aligned payment options via webchat, WhatsApp, social media, email and SMS.
Integrates with call flows, intercepting keypad tones or spoken card data to prevent agents capturing it.
Customers can use their existing SIP and hosted telephony. PCI Guard integrates with current lines and software to minimise startup costs.
Add or remove SIP channels without disrupting day-to-day operations. Your customer's billing will adjust automatically.
Straightforward licencing allowing customers to pay monthly per SIP channel with zero transaction fees, and no hidden call charges.
PCI Guard does not switch telecoms traffic, reducing interoperability challenges for agents and customers.
Enable secure, PCI DSS–aligned card payments via call, email, webchat, SMS, instant messaging, and social channels.
Deploy a secure PCI DSS solution with ZERO setup costs which is very competitive against other providers.
Customers can choose from multiple, simple deployment paths that can be set up within 24 hours.
No extra charges are applied for customers to use the system with their existing services.
Regular reviews with your Zest4 account manager ensure PCI Guard continues to meet your customer's business requirements.
Can’t find the answer you’re looking for? Reach out to our sales team for further information.
PCI compliance applies to every organisation and merchant, regardless of size or transaction volume, that accepts, transmits, or stores cardholder data. If customers pay directly by credit or debit card, the PCI DSS requirements apply.
The Standard can be found on the PCI Security Standards Council’s Website. Please visit the website to learn more: http://www.pcisecuritystandards.org
All merchants that store, process or transmit cardholder data must be compliant now. However, as a Level 4 merchant, you will have to refer to your merchant bank for their specific validation requirements and deadlines. All deadline enforcement will come from your merchant bank.
All merchants will fall into one of the four merchant levels based on Visa transaction volume over a 12-month period. Transaction volume is based on the aggregate number of Visa transactions (inclusive of credit, debit and prepaid) from a merchant Doing Business As (‘DBA’).
In cases where a merchant corporation has more than one DBA, Visa acquirers must consider the aggregate volume of transactions stored, processed or transmitted by the corporate entity to determine the validation level. If data is not aggregated, such that the corporate entity does not store, process or transmit cardholder data on behalf of multiple DBAs, acquirers will continue to consider the DBA’s individual transaction volume to determine the validation level.
If a business’s locations process under the same Tax ID, then typically they are only required to validate once annually for all locations. And, submit quarterly passing network scans by an PCI SSC Approved Scanning Vendor (ASV), if applicable.
In-scope cards include any debit, credit, and pre-paid cards branded with one of the five card association/brand logos that participate in the PCI SSC: American Express, Discover, JCB, MasterCard, and Visa International.
No. SSL certificates do not secure a Web server from malicious attacks or intrusions. High assurance SSL certificates provide the first tier of customer security and reassurance, but there are other steps to achieve PCI Compliance.
The payment brands may, at their discretion, fine a high fee for PCI compliance violations. The banks will most likely pass this fine on downstream until it eventually hits the merchant. Furthermore, the bank will also most likely either terminate your relationship or increase transaction fees. Penalties are not openly discussed nor widely publicised, but they can be catastrophic to a small business.
Cardholder data is any personally identifiable data associated with a cardholder. This could be an account number, expiration date, name, address, etc. All personally identifiable information associated with the cardholder that is stored, processed, or transmitted is also considered cardholder data.
