Does your Business Process Payment Cards?

Date October 9, 2018

If your business processes, stores, or houses credit, debit, or gift card data, then it likely must comply with the Payment Card Industry-Data Security Standard (PCI-DSS), which contains 12 requirements. They are listed here.

Often businesses incorrectly assume the PCI-DSS only pertains to the processing of payment cards via a computer but this is not the case. It is applicable in all types of commerce involving Card Holder Data (CHD).

To be clear, CHD includes the following information: the Primary Account Number, Card Holder Name, Expiration Date and Service Code.

While processing payment card transactions, if an employee writes down CHD on paper then transmits CHD via email, text message or voicemail, your business must properly secure your expanded CHD environment in order to comply with PCI-DSS.

If you have questions regarding your CHD Environment, HBK can perform a gap analysis to identify any shortfalls that your business may have relating to the PCI-DSS requirements.

HBK can assist you with cyber security topics or questions. Please contact Matt Schiavone at, Bill Heaven at, or Steve Franckhauser at for assistance.

Speak to one of our professionals about your organizational needs

"*" indicates required fields needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.