PCI Compliance

What is PCI Compliance, and why do I need to pay an annual fee to be compliant?

Visa and MasterCard have recently mandated that all merchants insure that they are adequately protecting customers credit card information. There are several requirements. A merchant MUST:

Ensure that their equipment is transferring all data in a secure manner with proper encryption technology.

Ensure that the credit card number is not printed on the credit card receipt in it’s entirety.

Not store card holder information electronically unless using an approved PCI compliant manufacturer of the software.

Fill out an annual PCI self assessment questionnaire.

Upon completion of the questionnaire the merchant must provide a record of a security scan to their processor certifying that the merchant is PCI Compliant.

The process can be difficult so most merchants and ISO’s have opted to contract with an independent third party who can handle the PCI compliance requirements. Most ISO’s charge between $99.00 and $159.00 per year for this service. Visa and MasterCard have announced that merchants that are not compliant can be fined $10,000.00 and more whether they are a victim of data compromise or not.