When are PCI Fees a good thing?
Many of you probably frown when you see a PCI compliance fee on the monthly merchant statement you receive from your payment processing company. But these PCI fees may actually be a good thing depending on what the fee actually entails.
PCI fees for non-compliance are a bad thing, and you need to do what it takes to get compliant and avoid this type of fee. This could be a s simple as upgrading you current POS, and or payment processing software.
PCI Fees that include compliance support and proactive payment security
If reasonable, PCI fees that include compliance support are worth every penny. Many processing companies offer this type of service, and many include some sort of financial assistance to cover certain costs associated with a data breach. For example, Mercury (www.vantiv.com) offers a program called OmniShield Assure that includes the following:
- PCI compliance assistance
- Monthly network scanning tests for over 6,000 operating system and application vulnerabilities
- Compliance monitoring software and data security templates
- Breach Assistance provides up to $100,000 for certain costs associated with a data breach, including:
- Mandatory forensic audit required by PCI-DSS
(Payment Card Industry Data Security Standard) - Credit card replacement costs
- Fines levied by the card associations
- Mandatory forensic audit required by PCI-DSS
- 24/7 Support and a printable Certificate of Compliance
Why compliance support and card data security are important
Some of you reading this may be asking “Do I really need this type of protection?” At the very least, you should take a look at the PCI services offered by your processing provider. Here are a few statistics:
- In the us, credit card fraud has increased 70% since 2007
- 80% of data breaches occur in small and medium sized businesses
- 43% of businesses reported a breach in 2014
- 60% of victims reported more than one breach
- $23,675 in average breach damage to small/level 4 merchants
In Summary
Like many of you I am sure, before seeing these numbers I thought that these breaches were primarily confined to the big box retailers. So, if you are seeing PCI fees on your merchant statements and are unsure of what they entail, please call your payment processing provider for clarification, as well as any additional information they may have concerning card data security and PCI compliance support. It could be money well spent.
See also: The General Store v11.0
