PCI Compliancy


Payment gateway

Learn about PCI and how it can protect and benefit your business. Find out how MyGate can assist you with eliminating the need for you to touch or store credit card detail below.

A Simple explanation of a complex solution

Whether you are a retailer, ecommerce player or any type of merchant you most likely are accepting credit and debit cards as a means of payment. PCI DSS (Payment Card Industry Data Security Standard) was created by the PCI Standards Security Council which represents MasterCard, Visa, JCB International, American Express and Discover. PCI applies to all merchants and is intended to ensure the security of stored and processed card data within all environments.

Card Data can be like cash. If you can get your hands on it you can spend it. PCI DSS helps to protect this data thus reducing risk exposure and card data access. Being PCI does not guarantee data security or absolute prevention from hackers gaining access to this data but rather encompasses an approach in view of a merchants business model and requirements helping aid in the protection the card holder / consumer.

Another common misconception is the belief that a merchant is PCI compliant through their own best practice methods and database encryption. Non PCI compliance can have large financial implications to merchants with fines ranging between US$5000 to US$500,000 based on the level of non compliance. The PCI Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. (https://www.pcisecuritystandards.org)

Outside of the PCI checklist, the card associations have established Quality Security Assessors (QSA) to aid in the assessment of merchants. Further to this Approved Scanning Vendors (ASV) have been established to identify vulnerabilities and misconfigurations within the merchants payment process.

3rd Party payment processors can process and store card transactions of online payments, recurring billing, Mail Order / Telephone Order payments, EFT integrated Point of Sale and Stand Alone devices without taking away core functionality from the merchant. In all of these payment methods, card details can be replaced on the merchant system with unique reference numbers allowing merchants to retain control over Transaction Management without storing any card detail.

MyGate's payment platform enables merchants to easily integrate into a payment solution that can be built around their specific requirements without the merchant getting involved with card detail. It is crucial for merchants to retain real time access to all components of the transaction process including authorization, settlement, reverse authorization, manual authorization codes, refunds and chargeback management.