Payment Card Industry (PCI) standards represent the credit card industry’s attempt to self-regulate and protect consumers’ credit card data. The PCI Security Standards Council, which five major issuers (Visa, MasterCard, American Express, Discover and JCB) formed in 2006, organizes and supervises the new security standards.
Already, an industry of sorts has formed to implement, monitor and test merchants’ compliance with these new standards. There’s the PCI Council itself, as well as Qualified Security Assessors who meet the Security Council’s criteria for supervision and analysis of the standards. There are consultants who help merchants understand it all, and merchant account providers (also known as acquirers) help enforce the new standards. Many merchant account providers are now leveling “PCI fees” on the statements of their merchant customers.
As confusing as it all is for many merchants and vendors, proponents say the system is a necessary step to protect consumers’ credit card data, root-out sloppy programming and firewall breaches, and otherwise prevent lawmakers from regulating the industry, which, presumably, would be worse.
What are your views of the PCI standards and the enforcement of them? Practical Ecommerce is conducting a quick, confidential four-question survey to solicit your opinion. Completion of the survey will take only a couple of minutes and by doing so you’ll automatically register for a $25 Amazon gift certificate.
Please tell us your PCI compliance views today.