Does PCI DSS apply to you?
 PCI Compliance   Compliance Overview   Ensuring 3rd party compliance 
If you store, process, or transmit data electronically or manually, then your business needs to comply.
You're allowed to store primary account numbers, cardholder names, service code, and expiry dates, provided they're protected in line with PCI DSS requirements.
You're not allowed to store the following, and if you are, must remedy the oversight immediately:
  Full magnetic stripe - track 2
  PIN/PIN block
  Sensitive authentication data, even if encrypted
Why your business needs to comply
At DTI Credit, it's our duty to regularly report to VISA and MasterCard, letting them know the status of merchants' compliance with PCI DSS. Based on these reports, they select businesses to investigate, with those found to be non-compliant facing fines and fraud costs.
That's why complying with PCI DSS should be seen as an insurance policy, protecting your business from the financial costs of failing to secure card data.
Furthermore, working towards compliance helps improve your processes, allowing you to operate more securely.
Download Merchant Program Guide