December 8, 2014
To ensure the safety of their customers’ confidential payment information, representatives of major credit card groups came together in 2006 and created the Payment Card Industry Security Standards Council (PCI SSC). This group is charged with the task of creating security protocols businesses are encouraged to follow in order to protect the privacy of confidential payment information.
While federal law doesn’t require businesses to follow the PCI Data Security Standards (DSS), should data breaches occur and private customer information be compromised, non-compliant companies could face severe penalties. At best, punishments range from monthly fines of $5,000 to $100,000. At worst, businesses could lose their merchant accounts altogether, thus being unable to process credit card transactions in the future.
In 2003, American merchants processed 15.2 billion credit card transactions. By 2012, that number grew to 23.8 billion. The world is becoming increasingly digitalized, and with smartphone and tablet adoption rates escalating, we can assume even more credit card transactions will be processed in the future thanks to the rise of mobile commerce.
Since that’s the case, businesses that can’t process credit card transactions will struggle to exist. And over time, they’ll almost certainly become irrelevant.
That’s why it’s imperative you make sure your business is PCI-compliant. If you’re not right now, rest assured you’re not alone: Believe it or not, as many as 67 percent of businesses aren’t in compliance with the current security standards.
But on Jan. 1, 2015, the newest iteration of the rules, PCI 3.0, goes into effect. So even if your business operates in accordance with the current standards, you’ve got to make sure you’ll be complaint with the coming changes.
The new rules can be read in their entirety here. Some highlights:
Have you taken steps to make sure your business is in compliance with the soon-to-be PCI standards? If you have any questions, please contact us. We are more than happy to help you make sure your cardholder data is secure and your business is protected.