First, not all states have disclosure laws requiring merchants to disclose breaches and secondly, card associations are not required to disclose individual cases.
- More than 80% of the credit card breaches have occurred at small businesses.
- Visa levied $3.3 million in fines for non compliance against small businesses in just one year.
- MasterCard did not disclose their fines.
- Any business that accepts credit cards must agree to be PCI complaint.
Here are some interesting facts that you should know about PCI compliance standards:
- Visa, MasterCard and the other card brands have put the responsibility of maintaining compliance status on the processor or merchant account provider. They've successfully done this with a policy of making them responsible for paying fines when breaches occur.
- While these processors are responsible for fines, they will almost always pass whatever they're fined onto the merchant.
- If merchants are ultimately responsible for the fines, it is their responsibility to maintain PCI standards and stay up to date with their technology.
IES would love to help you become compliant. Give us a call at 781-816-9437 or check us out online at iesAdvisors.com.