JCC and Information Security
JCC’s business operation is increasingly dependent upon the availability, confidentiality and integrity of information. Information security is therefore of the utmost. Information shall be protected against both unintentional errors and deliberate attempts to corrupt, destroy or disclose it. Care shall also be taken to ensure privacy (i.e., data protection legislation) and in this respect adequate precautions shall be in place to protect information. JCC is PCI-DSS Certified and Compliant since February 2011.
What is PCI?
The PCI DSS, is a set of mandatory requirements concerning cardholder data security developed by the PCI Security Standards Council. The Council’s members are American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International.
JCC’s position on the PCI-DSS
In an effort to protect and maintain our Merchants’ integrity and reputation from the consequences of a possible Cardholder data breach, JCC has initiated the “JCC Data Security Programme”. JCC strongly adopts and endorses the PCI-DSS mandated by the Card Schemes (Visa, MasterCard, and American Express). We are therefore taking measures at present to ensure that both we and our Merchants adopt this standard in order to accomplish ‘compliant status’ the soonest possible. JCC is committed to perform PCI for Merchants training for ecommerce and high-level merchants.
Who should become PCI compliant?
PCI applies to ALL organisations or merchants, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data. In other words, if any customer of that organisation ever pays the merchant directly using a credit card or debit card, then the PCI DSS requirements apply. The standards can be found here.
How does this affect the JCC merchant?
As a merchant you should make every effort to comply with the PCI-DSS and study the SAQ you are eligible for according to the method you accept payments. JCC has a dedicated compliance team to assist you.
What do you need to do to become compliant?
Depending on the volume of transactions per payment brand processed within a year, you are assigned a merchant level. You can see Visa, Amex and MasterCard levels below:
For our ecommerce and high-level merchants we routinely perform training sessions during the year. Our plan is to increase the percentage of our compliant merchants and ease the compliance process through the use of various mechanisms such as redirection, tokenisation and P2P encryption.
What SAQ (Self Assessment Questionnaire) should you complete?
This shall depend on the payment acceptance method used. For more information please read the Instruction Guide. All the questionnaires can be found here.
How can I register compliance with JCC?
If an email has been sent to you directing you to this page please click here and register.