By: Stan Washington
Date: September 09, 2015
What does it mean to be PCI Compliant?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially, this means any merchant that has a Merchant ID (MID).
What are the penalties to small businesses for being non-compliant?
The payment brands may, at their discretion, fine an acquiring bank $5,000 to $100,000 per month for PCI compliance violations. The banks will most likely pass this fine on downstream until it eventually hits the merchant. Furthermore, the bank will also most likely either terminate your relationship or increase transaction fees. Penalties are not openly discussed nor widely publicized, but they can be catastrophic to a small business.
It is important to be familiar with your merchant account agreement, which should outline your exposure.
What is PCI Audit Relief for EMV? (October 2015)
If more than 95% of merchant Visa transactions originate from Europay, MasterCard, Visa (EMV)-compliant POS terminals that support both contact and contactless transactions, the merchant may apply for relief from the audit requirement for PCI compliance (but is still mandated to be PCI compliant).
What happens on October 1, 2015?
Visa
The party that has made the investment in EMV deployment is protected from financial liability for card-present counterfeit fraud losses on this date. If neither or both parties are EMV compliant, the fraud liability remains the same as it is today. This date excludes automated fuel dispensers.
MasterCard
Fraud Liability Shift: The MasterCard liability hierarchy takes effect. The party that has made the investment in the most secure EMV options is protected from financial liability for card-present fraud losses for both counterfeit and lost, stolen and non-receipt fraud on this date.
Account Data Compromise Relief: On this date, if at least 95% of MasterCard transactions originate from EMV-compliant POS terminals, the merchant is relieved of 100% of account data compromise penalties.
Discover
TBD
American Express
Fraud Liability Shift: American Express will institute a fraud liability shift policy that will transfer liability for certain types of fraudulent transactions away from the party that has the most secure form of EMV technology.
Honor Services Office gets checked monthly on 300 or more points of compliance. Visit http://www.honorservicesoffice.com for safe payments.