Credit Card Processing Security

Posted on Wednesday, July 27, 2016

It is common for nonprofit organizations to accept credit card payments, either for program service fees or donations.  In response to growing credit card fraud, the credit card industry has established the Payment Card Industry Data Security Standards (PCI DSS).  The standards apply to all entities that store, process or transmit cardholder data and/or sensitive authentication data.  If your nonprofit accepts credit cards, PCI DSS applies to your organization. 

The PCI DSS requirements consists of twelve requirements to meet six goals relating to cardholder security.  One of the most important goals is protecting cardholder data.  Cardholder data refers to any information printed, processed, transmitted or stored on a payment card.  Entities accepting credit cards are expected to protect cardholder data from unauthorized use.  Cardholder data should not be stored by the organization unless it’s necessary to meet the business needs of the organization; however, there are some items that should never be stored after authorization.  Access to data that can be stored should be restricted with passwords and encryption.

Items that may be stored:

Items that that are not permitted to be stored:

Your organization could be assessed substantial fines if cardholder data is breached and your organization is not in compliance. 

To find out more about PCI Security Standards, visit the PCI Security Standards Council website.

Posted by: Carrie Minnich, CPA

Posted in Mission Minded Nonprofits

Disclaimer: The information contained in Dulin, Ward & DeWald’s blog is provided for general educational purposes only and should not be construed as financial or legal advice on any subject matter. Before taking any action based on this information, we strongly encourage you to consult competent legal, accounting or other professional advice about your specific situation. Questions on blog posts may be submitted to your DWD representative.

"DWD has provided annual audits and tax filings for Bowmar LLC since 2010.  Their accounting and tax knowledge has been valuable.  We have appreciated their willingness to dive deeply into…"

Bix Benson, Chairman

Bowmar, LLC