It’s remarkable how few people have heard of PCI compliance. It doesn’t make the news, the press don’t mention it, and if you talk to your bank manager or accountant they probably won’t know what you mean. But if you are involved in taking card payments via ecommerce and/or traditional retail, you need to know what it is and why it is very important that you understand it.
The Payment Card Industry Data Security Standard, to give it its full title, is a set of guidelines handed down by the payment card industry (the banks and credit card companies) to ensure that customers’ card information is protected and secure. As the PCI Security Council website states,
“In security terms, it means that your business adheres to the PCI DSS requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. In operational terms, it means that you are playing your role to make sure your customers’ payment card data is being kept safe throughout every transaction, and that they – and you – can have confidence that they’re protected against the pain and cost of data breaches.”
Isn’t that nice: retailers can play a role in ensuring customer data is secure, something I am sure we all want. The website www.pcisecuritystandards.org lists a range of benefits to merchants from PCI, and there is no doubt that compliance is a good thing.
However, there is a major sting in the tail for those who fail to meet the standards. Listed consequences for non-compliance include lawsuits, insurance claims, cancelled accounts, payment card issuer fines and government fines.
If you think that sounds bad, it gets worse. Fines can be per terminal for the company, so an ecommerce shop linked to a bricks and mortar retail operation with three stores, each store having three card machines, means your fines are ten-fold. And your liability for fraud does not stop at the fraudulent transaction on your payment terminal but potentially extends to all fraud on the card used. Take a moment to consider the implications of that!
So if you take card payments, you need to be taking PCI compliance seriously, because if you haven’t been affected yet, you will be, and the consequences for burying your head could be disastrous.
About The Author: Nigel Wilkinson is the Managing Director of WNW Design Ltd. In addition to his business interests, Nigel is married to Movement teacher Michelle, the father of teenage twins, an avid Networker, a Social Media commentator, a keen golfer and football supporter. He is also an active member of Exmouth Chamber of Commerce, being Chairman from 2009 – 2011. You can follow him on Twitter @nigelwnw, or telephone on 01395 542 569. You can also find WNW Design on Facebook.