PCI Compliance in a Nutshell
While running your online store, at some point you will be asked questions such as: Is your business PCI compliant? Have you completed a Self-Assessment Questionnaire? What compliance level are you on? The list goes on, but the best way to answer these questions is to listen carefully to what is being asked. Beyond that, you should understand what PCI compliance is and how important it really is for you as a merchant.
What is PCI DSS?
PCI DSS stands for Payment Card Industry Data Security Standard, administered by the Payment Card Industry Security Standards Council. PCI DSS is a set of standards assembled jointly by American Express, Discover, JCB, MasterCard and Visa.
Why is PCI DSS compliance important?
The main objective of PCI DSS is to safeguard credit card data and to put a stop to credit card fraud. The idea behind the standard is to make sure that merchants are doing their best to protect their customers' credit card data. The penalties for failing to do so can be very burdensome for a small business. Being non-compliant can result in the payment brands (American Express, Discover, JCB, MasterCard and Visa) issuing a fine of between $5,000 and $100,000 per month to the acquiring bank.
In many cases the bank passes these fines on to the merchant, and may also terminate the merchant's account or increase the merchant's transaction fees.
Is there any need for my online store to be PCI Compliant?
If your business stores, processes or transmits credit card data, then it must be PCI compliant.
I never knew about PCI compliance and have been running my online store for a long time without any trouble. Is this all a lie?
The acquiring bank and the payment brands can choose to review your online business at their discretion. PCI DSS has existed since 2004, and while banks admittedly take time to get things moving, they are finally starting to understand how important PCI compliance is.
Banks have to pay heavy fines for onboarding non-compliant merchants, so it is in their interest to protect themselves from such fines. It is always better to keep customers' data protected and to avoid the fines imposed for non-compliance.
Misconceptions Regarding Who Should Be PCI Compliant
Many merchants think that because they do not store any credit card data on their systems, there is no need for them to follow the requirements of PCI DSS. The requirements clearly cover processing and transmitting data, not only storing it, so it is better to understand them carefully in order to avoid paying fines and to avoid the reputational damage of losing credit card data.