Putting Together the PCI Puzzle

(Part One of a Series)

By now, almost everyone in the retail and hospitality industry has heard rumblings about PCI (Payment Card Industry) compliance and the PCI Data Security Standard (PCI DSS). But what exactly is it, and why should you sit up and pay attention? For one thing, if you don’t, your business may be at stake.

PCI DSS is a set of 12 requirements for enhancing the security of payment account data, including consumer credit card information. The founding payment “brands” of an entity called the PCI Security Standards Council—namely, American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International—developed the PCI DSS to promote widespread adoption of consistent data security measures worldwide. And the council was obviously on the right track with this project: Since 2007, there have been more than 1,600 data breaches affecting 385 million consumer records, says Javelin Strategy & Research, a consulting firm that focuses on the financial services and payment industries.

Non-compliance with PCI requirements—which we’ll discuss in the next part of this series, and with which reputable technology vendors such as pcAmerica can assist merchants—can have major consequences. The average cost of a data breach that results from a lack of PCI compliance is $204 per customer record and about $6.75 million per incident when fines, adherence to data breach notification requirements, and many other items are factored in, according to Ponemon Institute, which conducts independent research on privacy, data protection and information security policy.

What’s more, once a retailer or restaurant has experienced a data breach, it is likely to lose customers. By Javelin’s estimates, 43% of consumers avoid an establishment following a data breach and 31% spend less money there than they did before the incident occurred.

If all these statistics aren’t enough to convince you, think about this: Of operations in all industries that handle customer payment information, hospitality has seen the highest percentage of data breaches (38%), with retail at 13%, according to the Trustwave 2010 Global Security Report.