PCI DSS: A Refresher
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards to ensure all companies that accept, process, store, or transmit credit card information secure it to protect cardholders against misuse of their personal information.
The fines arising from not being PCI compliant range from $5,000 to $500,000, and are levied by banks and credit card institutions. Even for companies that are PCI compliant, continuous compliance is necessary.
Any data breach of cardholder data can result in:
- Fines per cardholder data compromised
- Suspension of credit card acceptance by the merchant’s credit card account provider
- Possible civil litigation; and
- Loss of reputation with customers, suppliers, and partners
This is not an exhaustive review of all elements of the Regulation, nor is it legal advice. Please consult your own legal experts if required.