Security & Payment Card Industry Data Security Standard (PCI DSS)
At ANZ we take financial security very seriously. We have developed a comprehensive ANZ Fraud Minimisation Guide (PDF 172kB) to help protect you and your customers from card fraud.
As part of our commitment to security, we also require our Merchant customers to adhere to the PCI DSS.
What is PCI DSS?
PCI DSS is a set of comprehensive standards designed to protect and secure cardholder data. The standards are governed by an independent organisation known as the PCI Security Standards Council, which is made up of representatives from the world’s major credit card companies such as Visa and Mastercard, and leading information security experts.
If you accept credit card payments from customers, or use a third party service provider to do so, you are responsible for ensuring that customers’ credit card details are secure and/or that your third party service providers are compliant with PCI DSS.
Why is PCI DSS important?
The benefits of PCI DSS include:
- Reducing the risk of credit card fraud
- Avoiding fines, penalties and costs related to credit card security breaches and non-compliance
- Increasing consumer confidence in credit card payments
- Reducing your business’ exposure to potential lost revenue as a result of fraud.
What you need to do
To comply with PCI DSS and reduce the risk of credit card fraud you should:
- Only use EFTPOS terminals certified by Payments New Zealand and the EFTPOS New Zealand and/or Paymark network
- Only use approved third party service providers for internet sales
- Protect computers from intrusion by using robust security tools:
  - Install a firewall to protect against unauthorised access from the internet
  - Use up-to-date anti-virus software that is capable of detecting and removing all known threats
  - Do not share the same username and password amongst staff
  - Use strong passwords that are regularly changed
  - Secure and disable programs used for Remote Assistance.
- If you use wireless to connect to the internet, ensure router settings are enabled for strong security
- Monitor the premises and ensure access to payment systems is restricted to prevent tampering and/or misuse
- Ensure full credit card information is never stored anywhere. Only retain the last 4 digits of the card number, and ensure that the leading digits are not recorded
- Ensure all employees are aware of their responsibilities in relation to information security, and reflect these in strong written policies.
For the latest PCI DSS standards, plus guides and information about getting started with PCI DSS and the compliance process, please refer to the PCI Security Standards website.
The ANZ Merchant Business Solutions Team will let you know what you need to do to comply with PCI DSS when applicable to your business.
Any supplier specified above (including EFTPOS New Zealand Limited ("ENZ")) is not a related company of ANZ Bank New Zealand Limited ("ANZ"). ANZ does not warrant the quality of goods and/or services provided by them or their suitability for your particular circumstances.