To whom does PCI apply?
PCI DSS applies to ALL organizations or merchants that accept, transmit or store any cardholder data. Find out who needs PCI compliance and exactly what that means for you.
Who makes the rules?
The Payment Card Industry Security Standards Council (PCI SSC) administers PCI. The Council maintains, evolves, and promotes the PCI set of standards. It was founded by the major payment brands: American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc. The card brands, not the Council, enforce the standards.
Why does PCI DSS compliance matter?
According to PrivacyRights.org, more than 868 million records with sensitive information were breached between January 2005 and June 2014. Not only does credit card fraud cause a major headache for the cardholder, it can ruin a merchant’s reputation and potentially its sales.
A data breach could also come with other baggage including:
- Fraud losses
- Cost of reissuing new payment cards
- Legal costs
- Fines and penalties
- Brand degradation
- Higher costs for future PCI assessments
- Employee turnover
- Lower consumer confidence
Each data breach or fraudulent activity affects the entire transaction ecosystem. That ecosystem includes cardholders, merchants, devices, software, processors, networks and banks, among others. If a bad guy infiltrates any point in the ecosystem, everyone suffers the consequences. PCI DSS compliance matters because we all must do our part to prevent and detect credit card fraud.