White Paper

Impact of PCI DSS on Recording Solutions

What is PCI DSS?


PCI DSS stands for Payment Card Industry Data Security Standard and is a worldwide security standard assembled by the Payment Card Industry Security Standards Council (PCI SSC). The standard was created to help organizations that process credit card payments prevent credit card fraud, hacking and various other security vulnerabilities and threats. A company processing, storing, or transmitting payment card data must be PCI DSS compliant

Non-compliant companies who maintain a relationship with one or more of the card brands, either directly or through an acquirer risk losing their ability to process credit card payments and being audited and/or fined. All in-scope companies must validate their compliance annually. This validation can be conducted by auditors -i.e. persons who are PCI DSS Qualified Security Assessors (QSAs), however smaller companies have the option to use a self-certification questionnaire. Whether this questionnaire needs to be validated by a QSA depends on the requirements of the card brands in that merchant‘s region.