What’s the Point?
If your business accepts or processes payment cards, it must comply with PCI DSS (Payment Card Industry Data Security Standard). All businesses and merchants that store, process, and transmit cardholder information are required to be PCI compliant.
By being PCI compliant, a merchant (and their customers, for that matter) can rest assured knowing that the proper steps have been taken to protect both buyer and seller from fraud. Additionally, merchants that are PCI compliant are not liable for security breaches.
Online customers also feel more secure when they see a PCI compliant logo on a website, which can increase business and ensure customer satisfaction.
What is the PCI DSS?
The Payment Card Industry Data Security Standard (PCI DSS) is an industry-wide compliance requirement created for anyone who stores, processes, or transmits payment card data (like accepting credit card payments).
The PCI DSS was created in collaboration with the major payment card brands: American Express, Discover, JCB, MasterCard and Visa. The requirements are designed to reduce payment card compromises and data theft by helping secure sensitive information and reduce vulnerability to attacks.
Penalties for Noncompliance
Merchants may be fined up to $500,000 per incident if they are not PCI compliant at the time of a security breach.
Consequences for affected organizations may include:
- Regulatory notification requirements
- Loss of reputation
- Loss of customers
- Potential financial liabilities (for example, regulatory and other fees and fines)
How Much Does it Cost?
Most providers charge a monthly and/or annual fee for PCI compliance. This typically ranges anywhere from $20-$60 a month and up to $2500 per year or more, depending on the size of the business.
National Merchants Association is pleased to offer our PCI Compliance program for a low monthly fee of $7.95 (Card-present) or $9.95 (Card-not-present), a truly incredible value.
With NMA, you can become PCI compliant while cutting costs!
As a merchant who stores, processes, or transmits payment card data, you are required to be PCI DSS compliant by the major payment brands and National Merchants Association. We help our merchant partners become PCI certified. One of our dedicated account experts will help your business become certified immediately upon receipt of your terminal or virtual gateway, and they will walk you through two easy steps to PCI DSS compliance:
- An annual Self-Assessment Questionnaire (SAQ) to determine if you are taking proper precautions to protect your payment card data, similar to an insurance questionnaire.
- Quarterly security scans if your systems are connected to the Internet. The scans look for weaknesses that an attacker might use to access your systems. A PCI-certified Approved Scanning Vendor (ASV), such as NMA’s partner, 403 Labs, must conduct these scans.*
* No scan is needed for dial-up or if you fall under the category of C-VT (merchants using only web-based terminals).
Give Your Customers Peace of Mind
Not all companies that offer PCI compliance offer a seal of approval or certification. Let your online surfers and shoppers know you are secure by displaying a security seal on your web site, updated automatically with a “click to verify” option.
Once you are PCI-certified through National Merchants Association, your customers can click on your PCI certification seal and will be shown a page verifying that your site is safe and meets industry regulations.