Visa USA adds financial incentives, fines to PCI program
Payment Card Industry (PCI) compliance has been a big topic over the past year. In layman's terms, it states that merchants who accept credit cards should take certain precautions to ensure the security of card holder data. These precautions include, but are not limited to, the use of firewalls, security protocols, and updated anti-virus and intrusion software. Most companies typically do well with these; however, the place they often fall behind is in the storage of data in their POS software or backups that should not be stored. Data such as credit card track data, CVV2 data and debit card PINs is not needed after the transaction has been run/approved and should not be stored.
Visa, MasterCard and American Express have been urging companies to become compliant in their protection of data over the past year, but are now adding incentives and larger fines for non-compliance. The push is to get all 'acquiring' financial institutions to be fully compliant with PCI requirements by August 31, 2007. Banks that fail to become compliant could face fines starting at $5,000 a month for each non-compliant merchant, and the fines increase to $25,000 per month after December 31, 2007. In addition to the fines, merchant rates will also be affected by non-compliance. Merchants who fail to become compliant will see higher rates and fees for each credit card transaction.
As you can see, it is very important to make sure your POS software is PCI compliant and, if it is not, to find out the vendor's plans to become compliant. ProphetLine POS Software has been compliant with PCI standards even prior to them being formally announced by Visa and continues to ensure card holder data is protected at all phases of the transaction and/or storage of data. If your POS software is not compliant and the vendor has no finalized plans they can tell you about, it may be time to consider a new POS package.
For more on this subject, see the related article at Computer World.