Do I Need To Become PCI Compliant?

Any company who "stores, transmits or processes" credit cards must become compliant with the PCI standard. This definition is very broad and essentially includes just about any company that accepts credit cards as a form of payment by any means.

Even companies using a third-party processor or gateway does not exclude the company from PCI compliance. It may cut down on their exposure and thereby reduce the scope of PCI efforts. However, it does not mean they can ignore PCI.

As all the major deadlines have already passed, companies really need to be compliant right now.

The question of when you should become compliant or whether it is necessary to become compliant is not relevent, the question really is "why are you not compliant yet". If you accept any form of credit card payments you must adhere to the standards set out by the Payment Card Industry Data Security Standard.

What are the penalties for noncompliance?

The payment brands may, at their discretion, fine an acquiring bank $10,000 to $100,000 per month for PCI compliance violations, with serious breaches incurring funes up to $550,000. The banks will most likely pass this fine on to the merchant, gateway or service provider. Furthermore, the bank will also most likely either terminate your relationship or increase transaction fees. Penalties are not openly discussed nor widely publicized, but they can be brutal and decisive if levied. But penalties are really just the tip of the iceberg. Civil litigation from credit card holders and/or other institutions could quickly bankrupt a company.

There are many aspects to penalties that can be incurred as the result of non-compliance. First, there are financial penalties. Effective October 1, 2006, vendor violations can range from $10K - 100K/month. In addition, possible restrictions up to permanent prohibition of the merchant’s participation in credit card programs could be applied to a non-compliance merchant who has a security breach. This all leads to a public lack of consumer trust due to confidential data disclosures, harming the reputation and brand of the merchant that may become irreparable.

DESIGN & MARKETING

• Creative Ideas
• Design and Brand Consulting
• Custom Website Design
• Search Engine Positioning
• Social Media Marketing
• E-Newsletter Service

DEVELOPMENT & CONSULTING

• Web Application Development
• Technology Consulting
• Content Management Systems
• E-Commerce Websites
• PCI Compliancy Consulting
• Mobile Application Development

Newsletter

Estimate

• Call: 1.866.862.8010
• Fill out an estimate request form
• Email: quotes@csekcreative.com