For small merchants Payment Card Industry (PCI) standards can seem like a rule that only the big boys of business have to follow. But the consequences of failing to achieve and maintain PCI compliance apply to businesses of all sizes.
The thing to remember about PCI rules is that they apply to every merchant that accepts credit cards. A recent incident involving a retail store in Lakewood, New Jersey, underscores the big impact failing to maintain PCI compliance can have on a small business. In this case the store's ability to accept credit cards was revoked after the business failed to meet PCI standards.
PCI compliance should matter to you, too.
Unfortunately, many small retailers can be unaware of how the PCI standards work or how they are enforced. That leaves them vulnerable to penalties they had no idea they could face.
Just take this real life example. An article in the Lakewood Scoop recently laid out how one small business lost its credit card privileges. Can you imagine, in today's credit world, losing your ability to accept credit cards from your customers? And if you are primarily reliant on online sales, this could cripple your operations.
Here are some key points to know and remember daily about PCI compliance.
Here are some things to keep in mind:
- 1)PCI standards are industry standards created by credit card companies American Express, Discover Financial Services, JCB international, MasterCard and Visa. The PCI Security Standards Council maintains and enforces compliance rules.
- 2)The PCI Security Standards Council does not penalize merchants directly if they are found to be non-PCI complaint. That duty falls to the acquiring banks, which hold the credit. Penalties could range from fines to revocation of credit card transactions.
- 3)Know what your obligations are for proving PCI compliance. Typically, smaller merchants can provide information on PCI compliance through a self-assessment questionnaire. But it's also critical to know the expectations of the acquiring banks.
- 4)PCI compliance may seem burdensome, but in today's increasingly cyber dependent world, the threat of a data breach, and the impact that can have on your business, is worth taking the time to understand how to meet these standards.
To ensure that you meet PCI expectations, a third-party vendor such as ZZ Servers, can help your business achieve PCI compliance through log monitoring and archiving, firewall maintenance, intrusion detection, vulnerability testing and internal and external penetration testing.
As an ecommerce solutions provider, ZZ Servers offers PCI hosting packages for PCI Level 1, 2, 3 and 4 merchants. Fully PCI enabled hosting environments are available to all levels of business. We pride ourselves on offering ecommerce solutions for all businesses, no matter the size.