What Does PCI Stand for and How it Affects Your Business

You’re a business that accepts credit cards and therefore has a merchant account service handling your payment processing. When you look through your contract or at your merchant bill, you may see fees that you have no idea how to interpret. Batch fee? IRS fee? Statement fee? PCI Compliance fee? What does PCI stand for? What the heck do all these fees even have to do with my business? No need to fret! We’re here to explain PCI compliance to you, why it matters for your business, and why you shouldn’t ignore it.

What is PCI?

So, let’s break this down. The Payment Card Industry Data Security Standard (that’s a mouthful), or PCI DSS, is a set of requirements designed with security in mind. It ensures that all companies that process, store, or transmit any credit card information maintain a secure and safe environment, where your business and your customers are protected.

The Payment Card Industry Security Standards Council (PCI SSC) was created in 2006 by the major credit card brands (Visa, MasterCard, American Express, Discover, and JCB) to put a distinct focus on improving payment account security throughout the transaction process.

Who does PCI apply to?

PCI applies to all merchants and all organizations that accept, transmit, or store any cardholder data. If a customer pays with a credit or debit card, then the PCI DSS standards apply. PCI compliance requirements differ according to merchant level and the card issuer. (Most merchants fall into the Level 4 category.) You should also check with your card brand’s compliance program to ensure that you’re meeting its requirements as well.

Why is this so important?

Merchants that use a non-PCI certified provider can face class action lawsuits, fines of up to $10,000 per month and $500,000 per incident, and their noncompliance may result in a revocation of their ability to process transactions. These results can devastate a business, so it’s crucial to make sure that your provider is not going to jeopardize your business.

Most small business owners make the mistake of thinking that their business isn’t large enough for PCI compliance to matter to them. They are very wrong. Small businesses actually carry the most risk, and they’re typically the ones that come under fire most of the time. Non-compliance can lead to many degrees of harm to any and all business owners, so compliance is the best way to avoid a disaster.

How do I satisfy PCI requirements?

To become PCI compliant or learn more about PCI, visit this website.

So, why am I being charged the PCI compliance fee?

Great question! PCI Compliance fees may come in the form of an annual fee ($99/year) or a monthly fee ($19.95/month+). The next part is where things can get a little tricky.

  • Noncompliance. The PCI Compliance fee showing up could actually be a noncompliance fee. If you are not a PCI compliant business, your processor will charge you a monthly fee for not being compliant with PCI DSS standards. It provides no value and only serves as a reminder that your processor has no proof that you’re a compliant business. This fee can be removed by becoming compliant. Ask your processor what you need to do to become compliant, because there’s really no reason not to be.

  • Data Breach Insurance. Some processors offer Data Breach Insurance for a fee. In layman’s terms, you’re paying a fee for insurance that may or may not cover you in the event of a data breach. The “insurer” (your processor) can deny your claim, and this is why you should definitely be cautious of Data Breach Insurance. Ask your processor for all terms and details related to this fee, and if you’re unhappy, it’s time to switch processors.

  • Compliance. If you are PCI compliant, and you are legitimately paying a PCI compliance fee, then your processor should be regularly contacting you, helping you, educating you, offering you scanning services, and giving you updated protection advice. In that case, you’re getting your money’s worth from that fee because you’re receiving real support in return. The main problem comes into play when your processor is charging you for being compliant and not holding up their end of the deal. Talk to your merchant processor and see what tools and resources they can give you. If you’re unhappy with their services and fees, say goodbye!

Hopefully you now have a better understanding of PCI compliance and how it impacts your business. When it comes to the Payment Card Industry, it’s always better to be safe than sorry, especially given the disastrous outcomes that non-compliance can bring. To find out what your merchant level is and how you can become PCI compliant, visit this helpful resource.

Tired of paying that PCI compliance fee? With fattmerchant, you don’t have to! Learn more by contacting us today.
