STEP and PCI Compliance


As part of our ongoing work to ensure the safety and security of our members, STEP is currently working towards becoming fully compliant with the latest Payment Card Industry (PCI) Security Standards. This means that we will be making changes to the way we accept payments and handle sensitive information.

What is PCI Compliance?

PCI Compliance is an information security standard for organizations that handle credit card details from the major card schemes, including Visa, MasterCard, American Express, Discover, and JCB. It is designed to make sure that companies have the correct measures in place for the ongoing security of the card information they handle.

How will the changes affect you?

Whilst the vast majority of changes will affect internal systems and procedures, STEP will be making some changes to the way we accept card payments:

Change:
We will now automatically reject any emails sent to us that contain sensitive card information (this includes the card number, expiry date and CVV). Please note that direct debit information can still be accepted.

Reason:
This information is currently rejected by way of an email reply; however, rejecting it before it arrives with us will increase the safety of your card information.

Change:
We will no longer be accepting or sending faxes in any form.

Reason:
Faxes are fast becoming an outdated method of communication. STEP currently receives such a low volume of faxes that the decision has been taken to discontinue this service.

Change:
We will no longer be accepting payment over the phone.

Reason:
STEP has been evaluating PCI-compliant telephone payment options; however, given the low volume of telephone payments we currently process, we have decided that the most effective way to ensure your safety is to remove this option.

The Future:

All the changes we are making to our payment procedures are intended to make your experience with STEP fully compliant with the latest PCI Security Standards. We have recently upgraded our online payments to accept payments in GBP, USD, EUR and CHF.

We will continue to review our payment options to ensure we are providing you with the best service possible.

Further information on PCI Compliance is available at www.pcisecuritystandards.org.

For any questions relating to payments, please do get in touch. You can reach us by telephone on +44 (0) 203 752 3700 or by email at step@step.org and finance@step.org.

 

James Harris is STEP’s Information Technology Manager.
