PCI Compliance - This video is the true story of small business owner, Carla Yarborough, and how a credit card breach on her business POS system put the business on the verge of bankruptcy. You will learn: why PCI Compliance is crucial to your business; the reasons it is now mandated from the payment brands and acquirers; and what you can do to prevent yourself from becoming the next victim of credit card theft.

13 min You Tube Video produced by the non-profit organization - RSPA (Retail Solutions Provider Association)


Update from Carla Yarborough.
A credit card breach on her POS cost her $120,000. PCI Compliance is not an option anymore! Fines can cost your business $5,000 to $100,000 per month. PCI applies to every business that stores, processes or transmits cardholder information. If your business takes credit card transactions with a POS device, you are more at risk than an e-Commerce transaction as these types of transactions involve the storage of track data which is forbidden under PCI. If this type of data is compromised, your bank could bring levy heavy fines which could cost your business thousands of dollars.

5 min YouTube video update on Carla from the RSPA


Does PCI Compliance apply to me?
Answer: Yes. If you are a merchant or an organization set up to take credit cards by any mechanism, you need to be PCI compliant regardless of the size or number of transactions, that accepts, transmits, or stores any cardholder data. Whether you are a retail business, an eCommerce merchant, or a company taking mobile payments, PCI Compliance is mandatory. If you take credit cards over the phone, PCI Compliance applies to you.

What are the penalties for noncompliance?
Answer: The penalties are substantial. The fines and compensation requirements by the banks can cost between $50 and $90 to replace one card. The payment brands, at their discretion, can fine an acquiring bank who will more than likely pass the fine downstream until it hits you; fines $5,000 to $100,000 per month for PCI Compliant violations. The bank will more than likely terminate your relationship or increase your transactions fees.

What are the real costs if I am breached?
Answer:

 - Fines and penalties
- Termination of ability to accept payment cards; your bank will more than likely terminate your relationship or increase your transactions fees.
- Lost confidence, over 60% of customers will not return to a merchant that has been breached
- Lost sales
- Cost of reissuing new payment cards; fines and compensation requirements by the banks can cost between $50 and $90 to replace one card.
- Legal costs, settlements and judgments; payment brands, at their discretion, can fine an acquiring bank who will more than likely pass the fine downstream until it hits you; fines $5,000 to $100,000 per month for PCI Compliant violations.
- Fraud losses
- Higher subsequent costs of compliance
- Going out of business

The PCI Data Security Standard
The PCI DSS version 1.2 is the global data security standard adopted by the card brands for all organizations that process, store or transmit cardholder data. It consists of common sense steps that mirror best security practices.

Where can I find the PCI Quick Reference Guide?
https://www.pcisecuritystandards.org/pdfs/pci_ssc_quick_guide.pdf