PCI Data Compliance
American National Payments DATA SECURITY PROGRAM
The American National Payments Data Security Program will help you comply with the Payment Card Industry (PCI) Data Security Standard, which has been endorsed by the major card associations in the United States including Visa®, MasterCard®, Discover® and American Express®. As a result, all merchants who accept credit cards are required to comply with the PCI Data Security Standard.
The American National Payments Data Security Program can help protect you and your customers from theft and fraud. This new initiative will help safeguard the credit cardholder information that you process and/or transmit from attackers and other online hazards. For you as an American National Payments merchant, we have arranged a FREE risk assessment through Trustwave’s Risk Profiler tool to help determine your risk for a data security incident.
Trustwave (www.Trustwave.com) is a leading third-party assessor and an authorized QDSC for both VISA and MasterCard. To begin your free risk assessment in Risk Profiler in conjunction with the American National Payments Data Security Program, please visit http://anp.riskprofiler.net.
If you need assistance with Risk Profiler, or require more information on enrollment, please call Trustwave customer service at (800)363-1621.
American National Payments strongly endorses the need for more stringent standards regarding the handling of cardholder data. In addition, we are taking proactive measures to ensure that all merchants adopt these standards and maintain compliance on an ongoing basis. Your compliance with the PCI Data Security Standard is mandatory.
PCI DSS INFORMATION
All merchants who accept credit cards are required to comply with the PCI Data Security Standard. Merchants are categorized into one of four levels based on transaction volume and acceptance channel, with different compliance requirements based on each level. For validation, merchants are required to successfully complete the PCI DSS Self-Assessment Questionnaire and a quarterly network scan.
What is the PCI DSS Self-Assessment Questionnaire?
The questionnaire is a set of multiple-choice questions designed to understand the merchant’s card acceptance and processing environment. The questionnaire has been designed to assess your compliance with the requirements of all card associations regarding your policies, procedures, administrative controls, access controls and physical security measures as they pertain to those systems that store, process or transmit cardholder data.
What is a quarterly network scan?
The scan, often called a vulnerability scan, is conducted by a third-party vendor against the merchant’s external-facing IPs. The scan identifies systems that are not secure and could be open to a security breach or data compromise – especially one that would potentially compromise cardholder data.
Together, the questionnaire and the scan provide a snapshot of how well a merchant is protecting the cardholder data they store, process or transmit. A passing scan and passing questionnaire will deem the merchant compliant with PCI.
If a merchant does not pass the scan and/or questionnaire, they are deemed non-compliant. A remediation plan will be necessary to address the areas of weakness, risk and vulnerability.
What happens if I am not PCI DSS Compliant?
If you do not comply with the security requirements of the card associations, your business may be at risk of compromise. You are subject to fines from the card associations for non-compliance, and if compromised, you are at risk for financial loss, additional fines, loss of business, damage to your brand’s reputation and other loss of critical systems.
If you have any questions or concerns, please contact the American National Payments Customer Service Center at 1 (866) 447-8805.