Cardholder Data Protection (PCI DSS)

When taking credit and debit card payments from customers the Council must comply with the Payment Card Industry Data Security Standards (PCI DSS). This places an obligation on the Council to keep cardholder data secure and reduce the potential for customers card information to be accidently or deliberately made known to others. 

Adherence to these policies is an essential part of the Councils certification criteria.

• Protection of Cardholder Data Policy - Rented Terminals (MS Word, 66KB)
• Protection of Cardholder Data Policy - Receipting Systems (MS Word, 67KB)
• Skimming Prevention Best Practice for Merchants Sept 2014 (PDF, 1.1MB)