PCI compliance is one of the most important financial consideration you and your business need to be thinking about, and if your business takes card payments, regardless of whether that’s in store or online, this is important to you.
PCI compliance exists to ensure you’re protecting your customer’s private financial information; a requirement held by all major card providers, including Visa, American Express, Mastercard and other payment providers and banks.
Failure to comply with these regulations and you could find yourself in a lot of trouble and facing some serious fines. To ensure this doesn’t happen to you, here are four things you need to know.
#1 – Is My Business Affected?
As we mentioned above, if you conduct transactions with your customers via a card payment from a card provider and your customers are sharing financial and potentially sensitive information with you, PCI compliance affects you.
You need to make sure you’re protecting this information via an encrypted connection and other considerations listed in the PCI guidelines. From the moment you start taking card payments, even if you’re securing the process of taking credit card payments over the phone, you have two months to become fully compliant.
#2 – The Levels of PCI
Not all PCI compliance is the same, and the level of audit and the level of protection you need to provide depends on which level PCI you fall under. The levels are as follows;
Level 1 – Processing over 6,000,000 card transactions across all payment channels.
Level 2 – Processing 1,000,000 to 6 million card transactions across all available payment channels.
Level 3 – Processing 20,000 to 1 million online payment transactions.
Level 4 – Processing under 20,000 online transactions and up to 1,000,000 merchant transactions.
If you’re a level 1 business, you’ll need to have an approved vendor come into your business to give you an on-site assessment. Any other business level 1 to 3 will need to fill out a yearly assessment questionnaire.
#3 – How Much Does Being PCI Compliant Cost?
The cost of being PCI compliant will depend on several considerations, including the size of your business, how many transactions you process annually, and the type of card payments you take (see the level information above).
Typically, you’ll need to pay a monthly fee which is known as a PCI management fee which will normally be included in your quarterly card provider bill. Of course, the actual cost will depend on your personal circumstances and the provider you’re with, so make sure you’re asking them to find out.
#4 – Am I Charged for Being Non-Compliant?
You might be wondering, what happens if my business isn’t PCI compliant? As we mentioned above, you have two months to become compliant from the moment you start taking card payments. After this time, if your business is found to be non-compliant, depending on your level and severity, you can be fined.
The fines will range anywhere from $5,000to $10,000 per month and will continue to be added to your monthly bills as long as you’re non-compliant.
As you can see, it’s far more beneficial for your business to take the appropriate steps needed to becoming PCI compliant. Otherwise, you’re going to face huge fines that can seriously damage your business and what you’re doing. Always be proactive in being protected.
You may also like: How Does Online Payment Processing Work?