Payment Card Industry Data Security Standards
Data breaches are the enemy of the payments industry. The PCI-DSS, which stands for Payment Card Industry Data Security Standards, is a set of rules set forth by the PCI Security Standards Council specifically to lessen the chances of a data breach. This Council is comprised of Visa, MasterCard, Discover, American Express, and JCB International, and they share the goal of making payment processing safer for all those involved to protect against fraud and theft of card data. These are regulations that all merchants must stay compliant with in order to accept credit cards and choosing not to stay PCI-compliant is bad news for your business.
Failure to comply with the PCI-DSS can result in hefty fines for the offending merchant. Card networks can charge acquiring banks penalties in the thousands of dollars per month, and the acquiring banks then pass those penalties onto their merchants, costing merchants dearly. Because of this risk, it is necessary to research how your acquiring bank helps you stay PCI-compliant.
If you do experience a data breach, even if you’re PCI-compliant, you can still face fines and penalties. You may be required to pay cardholders whose data was stolen, which can total around $50-$90 per cardholder. Additionally, customers may lose faith in your company and be wary of returning to purchase from you.
Lawsuits are also a consequence of a data breach. Big-name companies pay settlements in the millions of dollars if they experience a cyber-attack. Target was the subjects of a major data breach just a few short years ago in 2013 and paid an $18.5 million multi-state settlement in 2017. In 2015, as the result of a class-action lawsuit, the retail company paid cardholders $10 million.
If you refuse to comply with the PCI-DSS, not only can you incur all of these potential fines and consequences, you also run the risk of your acquiring bank terminating your merchant account. All in all, it is just a much better idea to spend the time becoming PCI-compliant and drastically reducing the chances of a breach. Here at PayArc, we help merchants stay compliant through our partnership with ControlScan.