Thursday, August 20, 2009

PCI DSS in Small Business

According to a survey of 220 small merchants by ControlScan, the National Retail Federation and the PCI Knowledge Base, 86 percent of small merchants are aware of the Payment Card Industry Data Security Standard (PCI DSS), but they feel frustrated and bewildered by its complex requirements.

In the same survey, 72 percent of small retailers said they believe the risk of a data breach in their company is “low” or “not possible.” Yet according to Visa USA Inc., more than 80% of the instances of unauthorized access to card data since 2005 have involved small merchants. These small merchants account for 85% of the seven million locations nationwide that accept credit cards.

Merchants found in violation of the PCI DSS guidelines, regardless of their size, can face fines ranging from $10K to $100K a month. In addition, merchants who have a security breach and are found to be non-compliant could have their credit card processing rights suspended or even permanently disabled. All of this leads to a lack of consumer trust due to the disclosure of confidential data, and the resulting harm to the merchant's reputation and brand may be irreparable.

For more information you may contact your STCR representative at (607) 757-0181. For more information on the PCI guidelines you can visit: https://www.pcisecuritystandards.org/