What does it mean to be PCI compliant?
What the heck does PCI even mean? Why should I care or waste my time on it? I’m a small business owner. This can’t possibly apply to me, can it?
All very good questions every business owner has to ask themselves at one point or another. In order to determine if PCI compliance applies to your business, there are a few other questions which must be answered as well.
So, you’re a small-medium size business owner. Do your customers come into your brick-and-mortar location(s) expecting to use their credit or debit cards to pay for their goods? Do you have credit card readers or terminals? Do you have an ATM in your location?
In short, if you accept credit, debit, or pre-paid cards at your place of business, you MUST be PCI compliant. So, now we’ve established this, what does it mean to be PCI compliant?
PCI stands for “Payment Card Industry” and it represents the processors, banks, credit card companies, and merchants who accept, collect, transmit, and process cardholders’ data.
The Payment Card Industry Security Standards Council was formed in 2006, and its purpose was to establish the security standards that all companies who collect, process, and transmit cardholders’ information must meet.
In short, they came up with the rules and any merchant who processes credit cards must follow those rules to avoid fines. This is for your safety. It’s like car insurance... You have to do it. Because if fraud happens in your store, you’re not liable.
Being compliant is a good thing!
Yes, you will incur fines if you are not PCI compliant. These fines are not meant to make business harder for you. They are the result of not meeting the requirements necessary to securely conduct credit card transactions.
These standards are there for your protection as well as your customers’. Fraudsters have become very brazen in their efforts to steal credit card information to use for their own devious purposes.
We’ve seen several very large security breaches in the last few years where hundreds of thousands of cardholders’ information was stolen from large databases.
The Payment Card Industry and major credit card companies are working very hard to enhance security features for credit cards and the credit card payment process. Part of their efforts includes the new switch to EMV smart cards.
These cards have enhanced security features which are proven to significantly reduce the threat of fraud in the U.S. (one of the most heavily targeted countries in the world).
Because of the differences in EMV cards and how they are processed, merchants who accept these EMV cards must make sure they are meeting all the applicable security standards.
What’s the harm in just continuing on and ignoring PCI compliance?
Maybe you haven’t had any issues up until now and don’t see the point of investing the time and effort.
The harm can be significant, actually. For many small-medium size businesses, it can be so significant they are unable to continue doing business.
You will incur fines for not being PCI compliant. You will incur heavy fines if you experience a data breach and are not PCI compliant at the time of the breach. (There’s the insurance likeness again.)
Most small businesses cannot sustain these heavy losses to their bottom line. Many end up closing their doors because of it.
Even if the fines don’t put your business under, you will still have to report the security breach to the credit card companies and this report will be made public. I can think of few things worse for a business than to get bad press because of a security breach.
No customer wants to shop somewhere which has a history of fraud or security breaches. Customers already have enough concerns about their sensitive information.
Why would they put themselves further at risk by shopping at a place of business they can’t trust will protect their sensitive data?
It works to your benefit and the benefit of your business to ensure you are PCI compliant. You want to develop a solid consumer base, right?
What better way to do this than to do your part to make sure you are meeting the highest security standards?
As a driver, you meet the standards of the car insurance industry… As a business owner, you also need to meet the standards of the payment card industry.
When customers know they can trust your business to use and store their credit card information safely, they have more faith in the process and won’t hesitate to shop there.
It will make your life easier, trust us. Don’t let the ball start rolling in the wrong direction.
Maybe you will be able to sustain some of the initial fees, but most banks and ISOs will discontinue doing business with you if they find out you are not PCI compliant.
(And why would you want to pay the fees in the first place if you don’t have to?)
The ones who don’t cancel your account will still raise your transaction fees. It’s a significant jump in fees too. These costs add up. How long can your business sustain paying higher transaction fees? It will really start to cut into your bottom line over time.
All of this inconvenience can be avoided though. Get your business PCI compliant! Save yourself the headaches and potential loss of business.
If you have any other questions about PCI compliance, please, don’t hesitate to give us a call! We are ready and able to help you make sure you are PCI compliant.
We also offer, as a courtesy and a customer service, a dedicated PCI consultant for your account whom you can call anytime you need, next week or in five years! Your dedicated PCI representative is there to walk you through anything you need… even the entire process of becoming compliant!
It’s just one of the many perks when you allow RedFynn’s business solutions to transform your business into a sealed-tight, money-making machine.
Give us a call today at (888) 510-9871