payment card industry data security standards (pci-dss)
In order to create a more secure credit card processing environment, the Payment Card Industry (PCI) has created the Data Security Standard (DSS). This standard is typically referred to as PCI-DSS.
The intent of PCI-DSS is to create an organization-wide, secured processing environment which minimizes the risk of a breach of credit card data.
As a merchant processor, Loyola has been mandated by the Payment Card Industry to comply with the Data Security Standard and the university has begun this compliance initiative.
Despite the fact that universities only account for 2% of all the credit card merchants worldwide, between 2000 and 2007, 31% of all breaches were from universities. Additionally, 38% of credit card fraud within higher education within this time frame occurred due to hacking.
To achieve a successful resolution to this compliance initiative, the assistance of every Loyola department is required to discover and document all credit card processing systems. This data will be used to organize an infrastructure development effort to meet the very specific PCI-DSS requirements for how credit cards are to be processed.
To view a glossary of common PCI acronyms and terminology, please review the PCI Glossary page.
Loyola PCI Survey
As part of the annual review to maintain PCI compliance, all departments are responsible for completing a PCI survey. To receive a copy of the survey, please send an email to email@example.com