skip to log on skip to main content
VoiceOver users please use the tab key when navigating expanded menus

Card security and PCI DSS

Our merchant customers are expected to adhere to the Payment Card Industry Data Security Standard (PCI DSS). Doing that, and using our fraud minimisation guide, is how you can reduce the risk of card fraud.

Our commitment to financial security

At ANZ we take financial security very seriously. 

We have developed a comprehensive fraud minimisation guide to help protect you and your customers from card fraud:

ANZ Fraud Minimisation Guide (PDF 95KB) 

As part of our commitment to security, we also require our merchant customers to adhere to PCI DSS.

If you accept card payments from customers, or use a third party service provider to do so, you are responsible for ensuring that customers’ card details are secure and that your third party service providers are compliant with PCI DSS.

Payment Card Industry Data Security Standard (PCI DSS)

The PCI DSS is a set of comprehensive standards designed to protect and secure cardholder data. 

The standards are governed by an independent organisation known as the PCI Security Standards Council, which is made up of representatives from the world’s major credit card companies, such as Visa and Mastercard, and leading information security experts.

The PCI DSS:

  • Reduces the risk of credit card fraud.
  • Helps you to avoid fines, penalties and costs related to credit card security breaches and non-compliance.
  • Increases consumer confidence in credit card payments.
  • Reduces your business’ exposure to potential lost revenue as a result of fraud.

What you need to do

The ANZ Merchant Business Solutions team will let you know what you need to do to comply with PCI DSS and when it is applicable to your business.

Our guidance will always include these points.

Card security

  • Only use EFTPOS terminals certified by Payments New Zealand and the EFTPOS New Zealand and/or Paymark network.
  • Only use approved third party service providers for internet sales.
  • Ensure full credit card information is never stored anywhere. Only retain truncated card data in the form of ‘1234 56xx xxxx 7890’.
  • Never collect or store sensitive authorisation data such as PIN and card security code.

Premises, computers and staff

  • Ensure all employees are aware of their responsibilities in relation to information security, and reflect these in strong written policies.
  • If you use wireless to connect to the internet, ensure router settings are enabled for strong security.
  • Monitor the premises and ensure access to payment systems is restricted to prevent tampering and/or misuse.
  • Protect computers from intrusion by using robust security tools:
    • Install a Firewall to protect against unauthorised access from the internet.
    • Use up-to-date anti-virus software that is capable of detecting and removing all known threats.
    • Do not share the same username and password amongst staff.
    • Use strong passwords that are regularly changed.
    • Secure and disable programs used for Remote Assistance.

More information about PCI DSS

For the latest PCI DSS standards, plus guides and information about getting started with PCI DSS and the compliance process, visit the PCI Security Standards website.

Contact our Merchant Business Solutions team

Contact us online

Fill in our enquiry form and we'll get back to you.

Contact us

Call us

Monday to Friday, 8.30am - 5pm

0800 473 453

Related products 

Contactless payments

Good for your customers, good for your business. Contactless payments are a fast and easy way to pay that more and more Kiwis are choosing every day.

Contactless payments 

ANZ FastPay for mobile payments

Our mobile payment solution that lets you accept EFTPOS, Visa and Mastercard payments on the go.

ANZ FastPay 

ANZ eGateTM for online or phone and mail order payments

Use one of our ANZ eGateTM solutions to accept Visa and Mastercard payments online or for phone and mail orders.

ANZ eGateTM 

Any supplier specified above (including EFTPOS New Zealand Limited ("ENZ") is not a related company of ANZ Bank New Zealand Limited ("ANZ"). ANZ does not warrant the quality of goods and/or services provided by them or their suitability for your particular circumstances.

Top