If you’ve followed our blog for a few months now, you’ll have a good understanding of PCI DSS (Payment Card Industry Data Security Standard) and the latest updates made to the upcoming PCI DSS 3.0 that is scheduled to become effective January 1, 2014. It’s an important date and compliance for anybody who accepts credit cards around the world.
Even if you aren’t familiar with PCI DSS and the positive impact it has in reducing credit and debit card fraud, you should know the possible outcomes for your and/or your business if you aren’t meeting the Payment Card Industry Security Standards Council’s standards. Not meeting the standards – and having your website security compromised – will cost you a fine ranging from $5,000 to $500,000. And, that’s just the beginning when it comes to the penalty imposed for being noncompliant.
Cardholder Data – Still a Target for Crime
Businesses are given a large amount of trust by their customers – especially when it comes to data. And cardholder data is still a top target for criminals. It’s in the best interest of every business to handle cardholder data as securely as possible. PCI DSS holds merchants accountable for that security with strict criteria that are meant to curb card fraud and promote trust.
Aside from the potential of losing thousands of dollars, there are actually thousands of dollars to be saved – by working with a PCI DSS compliant 3rd party to ensure your business stays on the good side of compliance. Curious as to how you might save? Here are two ways:
1. Save money on asset inventories and documentation – Becoming PCI DSS compliant is no small feat. In fact, it can be quite expensive depending on your business. For companies and organizations, it takes time, money and other resources that could be more effective elsewhere. By choosing a 3rd party to manage your compliance and provide services, your resources are free to be leveraged where they are needed.
2. Insulate you from the costs of new PCI DSS versions – As PCI DSS requirements change, it’s up to your 3rd party to remaining in compliance in order to offer you services. They take on that cost while it’s business as usual for you and your customers. It’s a seamless partnership that offers you the flexibility and security you need to run your business by the PCI DSS rules.
PCI DSS Compliance is for Everybody
It’s been well documented that every company that accepts credit or debit cards must be PCI DSS compliant. Even if you only perform one card transaction per year, it’s required. There are no exceptions to PCI DSS compliance, either – companies either are, or are not, compliant and it’s only a matter of time before non-compliance is exposed through a security breach or some other action that gets noticed.
While getting a PCI DSS compliance can mean great expense for businesses, so can the threat of fines that can be in the hundreds of thousands of dollars. Many small businesses avoid the cost of compliance and fines altogether by outsourcing to a 3rd party processor that had already attained compliance.
Direct Pay Online has been meeting the compliance needs of retailers and service providers since 2006. Our open credit card processing solutions give customers the flexibility to process purchases using popular payment options such as credit and debit cards, processors (PayPal, Airtel) and bank transfers. As a Level I PCI DSS compliant service provider, we can service more customers worldwide as a credit and debit card processing platform provider.
Eran Feinstein is the founder of Direct Pay Online. Direct Pay Online provides global e-commerce and online payments solutions for the travel and related industries He is a leading authority in the fields of e-commerce, travel and payments, having acquired extensive experience from various parts of the world.