Is PCI Compliance Expensive?

 There are a couple of reasons on which cost of PCI DSS Compliant depends, which includes the type of your business, annual number of transactions, current IT infrastructure, and the existing credit/debit card network of processing and storing data.





Possible PCI Compliance Fees


According to estimations, the largest merchants of nation, categorized as Level 1 merchants (having more than 6 million transactions a year), spent $125,000 assessing the possible required PCI related work and an addition of $568,000 to meet the PCI requirements.


Reports state that level one 1 merchant, a national retailer having 210 stores, spent about $500,000 to become compliant. Furthermore, Level 2 merchants carrying out annual transactions in between 1 and 6 million may require spending $105,000 for assessment and an addition of $267,000 for compliance.


Level 3 merchants carrying out e commerce transactions between 20,000 to1, 000,000 are supposed to spend $44, 000 for assessing and $81, 000 more for compliance. The level 4 merchants handling e commerce transactions below 20,000 have different prices to pay for being compliant, which depends on the type of business.


Additional Costs


The costs of being PCI Compliant just don't end here; instead, there are a couple of additional costs. This might include the fee required for software and hardware upgrading, if the data is stored in house. According to calculations an organization having 100,000 credit cards on file is required to give $6 in encryption costs per card. On the other hand, technologies like tokenization can be used by the merchants. In tokenization (in which data storage is remote) there is a per transaction fee in place of upfront cost. In all of these estimates no opportunity and cost labor cost of other profit making endeavors has been included.


Requirements of the Merchants


A merchant accepting, processing or storing credit card data needs to be compliant. It is still essential for small retailers and restaurants using a single POS system or terminal to be PCI Compliant. Both businesses are required to fill out Self Assessment Questionnaire, but the compliance process is much less involved. POS systems used by merchants are required to stay extra careful to make sure that no prohibited card data is being stored improperly and are needed to validate their vendor as PABP compliant (soon to become PA DSS).


Cost for Being Non compliant


Being noncompliant is not an option and every large merchant is required to be PCI Compliant otherwise they will be imposed with huge monthly fines. A merchant being noncompliant has to pay additional interchange cost which will result in higher processing cost. The card brands are most likely to charge fines when a merchant is noncompliant at the time of data breach.


Also, the discovery and face remediation costs can be huge than the fines itself. The cost of data security break can be anywhere from $90 to $305 per customer data breached. Some merchants find PCI DSS requirements quite annoying and get frustrated about it; while some consider it as basic security requirements and think that it should be in place.


The BuyerShield® secure web interface lets you to track running PCI security scans and manage your Website(s) or IP addresses - so you are always in control. Built-in as you go flexibility means you can easily reduce or increase the assets or Website(s) that need PCI Compliance / Security checking.


Article Source: https://EzineArticles.com/expert/Sumit_John/2285027




Article Source: http://EzineArticles.com/9454206

Comments

Post a Comment

Popular posts from this blog

Benefits of Network Automation

Image
  Network automation is the process of automating the configuration , management, testing, deployment, and operations of physical and virtual devices within a network. Every day network tasks and functions are performed automatically. Using a combination of hardware and software-based solutions, large organizations , service providers, and enterprises can implement network automation to control and manage repetitive processes and improve network service availability . Today, networks are fully capable of undertaking the following tasks: Discovering topologies Managing bandwidth and finding fast reroutes to implement the best computing paths Performing root cause analysis Updating and installing routes Setting performance benchmarks Updating software Implementing security and compliance Working together, automation and orchestration simplify network operations involving complex configurations and devices' management while providing business agility to adapt to an ever-changing
Read more

Blogger gets major UI refresh on Android

Image
 Remember Google’s Blogger platform? If not, we’d understand, but tonight Google has started rolling out a major refresh to the Blogger app for Android in its first update since 2016, weirdly on the eve of its big hardware event. Blogger was once a very popular option for anyone who wanted to get their thoughts onto the internet, but over time, competitors such as WordPress and Medium stole the spotlight . The platform has been all but forgotten, but Google has unexpectedly given its Android app some attention. The new Blogger v3.0 .1 app for Android gives the app a complete redesign that offers up Material Design, a slick overall design, and more. That new design alone is a big deal as Blogger has been using the old “holo” design for ages now. Plus, the app finally has an updated icon with this release (which supports Android’s adaptive icon feature too). Somewhat hilariously , installing the old Blogger app (v2.1.3) would actually display a warning about incompatibility on new
Read more