Being PCI Compliant is more than filling out forms and ticking boxes. As more and more consumers take their shopping online, it is vital that small business upholds security standards for the processing and storage of credit card information. Customers expect businesses to protect their credit card information, and businesses are liable if they don’t uphold those expectations. But with the increase of data breaches throughout the world, millions of dollars are lost to hacks and breaches each year. That is why, at the very least, small businesses should be PCI compliant.
Darren Gibson, Fig Pay’s Vice President of Sales elaborated further, ” With all the breaches that have been happening, nearly on a daily basis, there is a real need for these additional safeguards to be put in place to not only protect the general public, which we all want to do but to also help companies put added security measures in place.” The PCI Compliance rules help to prevent payment card fraud for which businesses are ultimately responsible.
Data breaches cost companies millions of dollars each year and those numbers are continuing to rise:
- The Ponemon Institute’s recent Cost of Data Breach Study estimates that the average total cost of a data breach is a staggering $4 million an increase in 23% from 2013
- Each compromised credit card costing $158
- On the whole, there is a 26% chance of a material data breach occurring in 2016 that will result in the loss/theft of 10,000 records or more
And still, we are seeing many businesses not take necessary precautions to keep their credit card information secure. Mr. Gibson continued, “If or when a merchant experiences a security breach and is found to be non-compliant with PCI, then they leave themselves open to fines from their acquiring banks. The fines, of which aren’t small either, depending on the circumstances of the hack a merchant may be forced to pay anywhere from $5,000 to $100,000 each month they remain uncompliant to the PCI Standards.” This also could lead to having the company’s ability to accept credit cards revoked.
Target’s Data Breach of 2013
Most of us remember the Target breach back in 2013. But what many of us don’t know are the numbers it took to clean up the mess it created. Target ended up spending over $200 million to reissue credit and debit cards after the breach and $88 million in other breach-related expenses. For a large business with hundreds of millions of dollars- this was a huge hit for Target and they even took a larger hit to their bottom line when they lost the trust of life-long customers. Even now, Target is still feeling that big breach financially.
Logic would seem to dictate that hackers only target big businesses; they have more money, more sales, more data, and so the rewards are much bigger. However, the reality is that small businesses are targeted disproportionately by your average hacker because they are often softer targets than major companies. Which is why it is so important that your computer systems, credit card processing software and internet connections are PCI compliant and secure.
“The computer network environment is still vulnerable,” Mr. Gibson concludes, ” Operating system providers are continually finding gaping holes that can be exploited, and the financial hackers are finding many, many more. These new threats directly affect how you as a merchant needs to do business in today’s marketplace. That if left ignored, can result in a breach and major financial and legal repercussions. We at Fig Pay don’t want that to happen to your business anytime soon.”
How this Affects Small Businesses
Because data breaches occur digitally, and most times without notice people don’t protect against them like they should. No business would leave their doors open at night and erect a giant sign inviting burglars to take whatever they want, but many are doing the online equivalent with their lax approach to protecting their financial network’s security. And if such a breach occurs to small business, or if a breach is even suspected, they can expect to be subject to a series of invasive safety checks that take days to complete and could result in major fines which have the real potential to put small businesses out of business.
If you want more information on how to keep your credit card payment secure contact us. We offer point-of-sale software and merchant services that are PCI compliant to help keep your customers credit card information secure.