Who Wants Me Compliant?
The acquirer (also known as merchant bank, ISO, credit card processor, etc.) is ultimately responsible for ensuring that its merchants are aware of PCI compliance and for enforcing policies that track merchant compliance.
The payment card brands handle the validation process, definition of merchant and service provider levels and all penalties, fees and compliance deadlines. Additionally, in the case of an actual or suspected breach, the payment brands are responsible for forensics and response efforts related to the data compromise.
Regardless of the size of your business, you have a responsibility to protect cardholder data. You must validate your compliance on a regular basis to show that the security measures you have taken are effective. While the type of validation varies based on the number of card transactions you process each year, all merchants are required to comply with the PCI Data Security Standard.
Why Become Compliant?
Many merchants don’t believe there are any benefits to compliance, when in fact, becoming compliant can secure your business and help avoid serious consequences, especially if you are a smaller business. According to the 2011 Data Breach Investigation Report by Verizon, breaches are more common among smaller organizations.
By becoming compliant, you can:
- Avoid heavy fines and fees
- Minimize the risk of a security breach and lost profits
- Avoid losing the ability to process payment cards
- Protect brand integrity and reputation
- Provide peace-of-mind that you are protecting your business and customers
Don’t let your business lose out; learn more about compliance by clicking on the items to your right.