PCI Compliance - what it is and why it is important
Monday, August 20, 2012
PCI (Payment Card Industry) compliance standards were created by the major credit card issuers (Visa, MasterCard, Discover and American Express) to protect personal information and ensure security when transactions are processed using a payment card.
According to PrivacyRights.org, over half a billion database records containing sensitive personal information have been involved in security breaches since January 2005 in the U.S. alone.
Research indicates the most vulnerable sector for data breaches is merchants. Merchants process the bulk of credit and debit cards offered for payment of goods and services. Smaller merchants are the most attractive targets for data thieves because they’re less likely to have secure payment card data. According to Visa Inc, 96 per cent of successful attacks on payment card systems have compromised small businesses.
PCI provides the guidelines to help merchants protect cardholder data.
All members of the payment card industry (financial institutions, credit card companies and merchants) must comply with these standards in order to accept credit cards.
Failure to meet compliance standards can result in fines from credit card companies and banks and even the removal of the right to process credit cards.
Becoming compliant may seem confusing and like a lot of work, especially if you are a smaller organization. However, compliance is becoming increasingly important, and it doesn't have to be the headache you expected.
Compliance with data security standards can bring major benefits to businesses of all sizes, while failure to comply can have serious and long-term negative consequences. Here are some reasons why:
- Compliance with the PCI DSS means that your systems are secure, and customers can trust you with their payment card information:
  - Trust means your customers have confidence in doing business with you
  - Confident customers are more likely to become repeat customers, and recommend you to others
  - Compliance improves your reputation with acquirers and payment brands - the partners you need in order to grow your business
- Compliance is an ongoing process, not a one-off event. It helps prevent security breaches and theft of payment card data today and in the future:
  - As data compromise becomes ever more sophisticated, it becomes ever more difficult for an individual merchant to stay ahead of the threats
  - The PCI Security Standards Council is constantly working to monitor threats and improve the industry’s means of dealing with them, through enhancements to PCI Security Standards and by the training of security professionals
  - When you stay compliant, you are part of the solution – a united, global response to fighting payment card data theft
- Compliance has indirect benefits as well:
  - Through your efforts to comply with PCI Security Standards, you’ll likely be better prepared to comply with other regulations as they come along, such as HIPAA, SOX, etc.
  - You’ll have a basis for a corporate security strategy
  - You will likely identify ways to improve the efficiency of your IT infrastructure
- However, not being compliant can be disastrous:
  - Compromised data negatively affects consumers, merchants, and financial institutions
  - Just one incident can severely damage your reputation and your ability to conduct business effectively, far into the future
  - Account data breaches can lead to catastrophic loss of sales, relationships and standing in your community, and depressed share price if yours is a public company
  - Possible negative consequences also include:
    - Insurance claims
    - Cancelled accounts
    - Payment card issuer fines
    - Government fines
You’ve worked hard to build your business – make sure you secure your success by securing your customers’ payment card data. Your customers depend on you to keep their information safe – repay their trust with compliance to the PCI Security Standards.
These tips were supplied by Revolution Payments, our merchant solutions partners.