Okay, so you understand, from reading the last installment of this blog, why it’s so important to achieve PCI DSS compliance. But there still may be one or more myths about PCI DSS and data breaches in general that are holding you back from addressing your own operation’s issues with a trusted vendor, such as pcAmerica. Here are a few common assumptions, debunked.

1.    Data breaches only affect larger retailers and restaurant operations.  Nope—and actually, the opposite is true. “Level 4” merchants, as small retail and hospitality establishments are classified under PCI DSS rules, outnumber their larger (Level 1, Level 2, and even Level 3) counterparts,  making them a more frequent target of cardholder data compromise. Visa has publicly said it continues to identify small merchants as the group most commonly victimized by hackers.

2.    One data breach won’t hurt in the long run. We’d like to say it’s so, but it isn’t; in fact,  a Level 4 merchant must suffer only one confirmed security breach before being forced to meet Level 1 compliance standards—the same ones to which the largest players must adhere. In the Level 1 category, the cost of achieving and maintaining compliance, as well as fines for security breaches, can total millions of dollars.

3.    A low transaction volume doesn’t necessitate compliance. Wrong, wrong, and wrong again—unless your establishment does not accept credit cards at all. Processing even a single credit card transaction each year puts businesses within the scope of PCI compliance.

Find out more about PCI DSS compliance and compliant point of sale systems at www.pcamerica.com. And next up: three more PCI DSS compliance myths.